14 matches found
CVE-2025-14430
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Brook brook allows PHP Local File Inclusion.This issue affects Brook: from n/a through = 2.9.0...
CVE-2025-14430
creationtimestamp| type| source ---|---|--- 2026-01-08 11:09:29+00:00| seen| https://gist.github.com/Darkcrai86/3ce729ab874db693c6632e95bbed24ca 2026-01-08 18:13:20+00:00| seen| Telegram/0Ltg3clgFpk0mHXiflx8tvl-2PzmlbDB0RJZcayFz3wz8ak...
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection...
Mageia: Security Advisory (MGASA-2020-0363)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ansible package fixes security vulnerabilities
An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri...
CVE-2020-14430
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25,...
CVE-2020-14430
NETGEAR devices listed (RBK752, RBK753, RBK753S, RBR750, RBS750, RBK842, RBR840, RBS840, RBK852, RBK853, RBR850, RBS850) are affected by CVE-2020-14430 due to disclosure of administrative credentials. Impacted firmware before 3.2.15.25 may expose admin credentials; no exploitation details are pro...
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection...
CVE-2019-14430
YouPHPTube 7.2 contains an SQL injection in userCreate.json.php (CVE-2019-14430). The vulnerability arises from insufficient validation of input in the user creation function, allowing crafted POST data to execute arbitrary SQL against the database. Exploitation details and proof of concept are p...
YouPHPTube 7.2 - 'userCreate.json.php' SQL Injection
Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3 Tested on: Linux/Windows CVE : CVE-2019-14430 The...
YouPHPTube 7.2 SQL Injection
Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3 Tested on: Linux/Windows CVE : CVE-2019-14430 The...
YouPHPTube 7.2 - userCreate.json.php SQL Injection
YouPHPTube 7.2 - userCreate.json.php SQL Injection Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3...
CVE-2018-14430
The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fwdata id1, fwdata id2, fwdata id3, fwdata id4, or email field of the contact form, exploitable with an fwsendemail action to wp-admin/admin-ajax.php...
CVE-2017-14430
The CVE-2017-14430 issue affects D-Link DIR-850L, Rev. A (firmware FW114WWb07_h2ab_beta1) and Rev. B (firmware FW208WWb02). The vulnerability allows remote attackers to cause a denial of service (daemon crash) via crafted LAN traffic. The available connected documents confirm the affected product...