21 matches found
EUVD-2011-4487
Malware in sbrugna...
CVE-2025-31078
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows Reflected XSS. This issue affects Small Package Quotes – Worldwide Express Edition: from n/...
WordPress plugin Small Package Quotes – Worldwide Express Edition cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
WordPress plugin Small Package Quotes – Worldwide Express Edition SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress plugin...
WordPress Small Package Quotes – Worldwide Express Edition Plugin <= 5.2.18 - SQL Injection vulnerability
SQL Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Small Package Quotes – Worldwide Express Edition versions <= 5.2.18...
CVE-2024-13534
The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 5.2.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...
PT-2024-24539 · Hsc Cybersecurity · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Cybersecurity HC Mailinspector versions 5.2.17-3 through 5.2.18 Description: An issue in HSC Cybersecurity HC Mailinspector allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the...
CVE-2024-34470
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read...
HSC Cybersecurity HC Mailinspector path traversal vulnerability
HSC Cybersecurity HC Mailinspector is a cloud email security solution from HSC Cybersecurity. A path traversal vulnerability exists in HSC Cybersecurity HC Mailinspector versions 5.2.17-3 through v.5.2.18, which stems from an unauthenticated path traversal vulnerability in /public/loader.php, whe...
PT-2024-25923 · Hsc · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Mailinspector versions 5.2.17-3 through 5.2.18 Description: An authenticated blind SQL injection issue exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to "/mailinspector/mliRealtimeEmails.php" does not...
PT-2024-25921 · Unknown · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Mailinspector versions 5.2.17-3 through 5.2.18 Description: An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part ...
GHSA-6GF2-PVQW-37PH Log entry injection in Spring Framework
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more...
Exploit for Argument Injection in Phpmailer_Project Phpmailer
This is a Python script that exploits a vulnerability in PHPMailer version 5.2.18. The script is designed to be run on a vulnerable environment, and it will spawn a vulnerable web application on the host on port 8080. The exploit will drop a shell where commands can be sent to the backdoor. The...
X-Cart 5.0.10 < 5.2.18 Open Redirect
According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 < 5.2.18. It is, therefore, affected by a vulnerability in the redirect functionality. Note that the scanner has not tested for these issues but has instead relied only on...
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Discovery Date: 2018-09-14 Vendor Homepage: https://www.virtualbox.org/ Software Link:...
CVE-2011-4561
Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php. NOTE: some of these details are obtained from third party information...
CVE-2011-4561
Phorum 5.2.18 is vulnerable to a cross-site scripting (XSS) flaw in admin.php, exploitable by remote attackers via PATH_INFO to admin/index.php. The issue affects Phorum’s admin interface and can allow injection of arbitrary web script or HTML. Multiple sources (NVD/OpenVAS) confirm the vulnerabi...
Phorum 5.2.18 Cross-site scripting vulnerability
Advisory: Phorum 5.2.18 Cross-site scripting vulnerability Advisory ID: SSCHADV2011-023 Author: Stefan Schurtz Affected Software: Successfully tested on Phorum 5.2.18 Vendor URL: http://www.phorum.org/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description:...
Phorum 5.2.18 Cross Site Scripting
Advisory: Phorum 5.2.18 Cross-site scripting vulnerability Advisory ID: SSCHADV2011-023 Author: Stefan Schurtz Affected Software: Successfully tested on Phorum 5.2.18 Vendor URL: http://www.phorum.org/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description:...