128 matches found
PT-2024-38807 · WordPress · Share This Image
Name of the Vulnerable Software and Affected Versions: Share This Image plugin for WordPress versions up to, and including, 2.01 Description: The issue is related to Stored Cross-Site Scripting via the alignment parameter due to insufficient input sanitization and output escaping. This allows...
PT-2024-23035 · Mad Fish Digital · Mad Fish Digital Bulk Noindex & Nofollow Toolkit
Name of the Vulnerable Software and Affected Versions: Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions through 2.01 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS...
CVE-2023-39853
SQL Injection vulnerability in Dzzoffice version 2.01, allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module...
PT-2024-12821 · Dzzoffice · Dzzoffice
Name of the Vulnerable Software and Affected Versions: Dzzoffice version 2.01 Description: The issue allows remote attackers to obtain sensitive information via the doobj and doevent parameters in the Network Disk backend module. This is a SQL Injection vulnerability. Recommendations: For Dzzoffi...
WordPress plugin BBSpoiler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PerlSpeak Command Execution Vulnerability
PerlSpeak is a module that supports converting text to speech. A security vulnerability exists in PerlSpeak 2.01 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary operating system commands...
CVE-2020-10674
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...
Design/Logic Flaw
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...
CVE-2020-10674
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...
Omron CX-One CX-Protocol
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Protocol within CX-One Vulnerabilities: Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code under the privileges of the...
D-Link DIR-600 - Authentication Bypass Vulnerability
Exploit for hardware platform in category web applications Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact :...
D-Link DIR-600 - Authentication Bypass
D-Link DIR-600 - Authentication Bypass Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact :...
D-Link DIR-600 - Authentication Bypass
Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact : https://in.linkedin.com/in/jithin-d-kurup-77b616142 Vendor : www.dlink.com Version:...
SIX-webboard 2.01 File Retrieval Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3175/info SIX-webboard 2.01 does not filter .. and / from user input, allowing users to enter arbitrary values in order to view or retrieve files not normally accessible to them from the remote host...
Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 Telnetd Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/140/info A vulnerability exists within Microsoft's Telnetd daemon which allows a denial of service condition. The popular scanning tool, Nmap 2.01 or later can crash telnetd services when using the SYN scanning flag -sS...
GetSimple CMS 2.01 and 2.02 Administrative Credentials Disclosure
No description provided by source. Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548...
GetSimple 2.01 LFI
No description provided by source. Exploit Title: GetSimple 2.01 LFI Date: 4/5/2010 Author: Batch Software Link: http://www.box.net/get-simple Version: 2.01 Special Conditions: Must be admin. Code : ... get file if fileexists$GET'file' readfile$GET'file', 'r'; exit;...
GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)
No description provided by source. !--- Title: GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF Author: 10n1z3d 10n1z3datwdotcn Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- html head...
DB[CMS] 2.0.1 - SQL Injection Vulnerability
No description provided by source. Exploit Title: DBCMS Sql Injection Vulnerability Author: Pokeng Software Link: http://www.debliteck.com/how.php Version: Ver2.01 Platform / Tested on: Win/Linux category: webapps/0day Code : http://site/article.php?id=SQL Dork : Designed and Developed by Deblite...
Arcadem 2.01 Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25432/info Arcadem is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying...