CVE-2023-49489

Reflective Cross Site Scripting XSS vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APPHOST parameter at config/i18n/en/main.php...

EUVD-2022-34601

Malicious code in bioql PyPI...

PT-2024-18369 · WordPress · Disable Json Api

Name of the Vulnerable Software and Affected Versions: Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress versions up to, and including, 4.51 Description: The issue is related to unauthorized modification of data due to a missing...

KodExplorer Cross-Site Scripting Vulnerability

KodExplorer is a web file manager by the individual developer warlee. A cross-site scripting vulnerability exists in KodExplorer version 4.51, which stems from the APPHOST parameter in config/i18n/en/main.php, which can be used to obtain sensitive information and elevate privileges...

CVE-2023-49489

Reflective Cross Site Scripting XSS vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APPHOST parameter at config/i18n/en/main.php...

Cross site scripting

KodExplorer 4.51 contains a Cross-Site Scripting XSS vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field...

CVE-2023-37153

CVE-2023-37153 : KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description field of the Light App creation feature. An attacker can inject XSS syntax into the Description, causing script execution when the field is rendered. The available connected documents confirm ...

KodExplorer 跨站脚本漏洞

KodExplorer is a web file manager by warlee personal developer. A security vulnerability exists in KodExplorer version 4.51, which stems from a cross-site scripting XSS vulnerability contained in the description box of the Create function, which can be exploited by an attacker by injecting XSS...

CVE-2022-2333

If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions...

Design/Logic Flaw

A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster version 4.51, due to insecure permission assignment...

Command injection

PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products/versions are as...

University of Washington pop2d 4.46/4.51/4.54/4.55 Remote File Read Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1484/info A vulnerability exists in versions of the ipop2d daemon, through version 4.55. ipop2d is part of the University of Washington imap package. Versions through 4.7c of the imap package are affected. Any user who ha...

Calacode @Mail Webmail 4.51 Filtering Engine HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21708/info Calacode @Mail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute arbitrary script code in the victim's...

Zoom Player 4.51 Denial Of Service

!/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website:...

Zoom Player 4.51 Standard - ".avi" Denial Of Service

Exploit for windows platform in category dos / poc !/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS,...

Wordpress Plugins - VideoWhisper Video Conference Arbitrary File Upload

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

CVE-2010-4934

SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-4934

CVE-2010-4934 : SQL injection in Get Tube

Get Tube 4.51 & All Versions SQL Injection Vulnerability

Exploit for php platform in category web applications ======================================================== Get Tube 4.51 & All Versions SQL Injection Vulnerability ======================================================== +Title Get Tube 4.51 & All Versions SQL Injection Vulnerability +Author...