Lucene search
K

24 matches found

Cvelist
Cvelist
added 2019/09/27 12:8 p.m.38 views

CVE-2019-13376

phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking leads to stored XSS...

6.8AI score0.00678EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2018/12/31 12:0 a.m.47 views

Bitsolution.ws ICT Consulting Firm 1.0 Bypass / SQL Injection

Exploit Title : Bitsolution.ws ICT Consulting Firm 1.0 SQL Injection / Improper Authentication Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepage : bitsolution.ws Tested On : Windows Category : WebApps Exploit Risk : Medium Version Information : 1.0 CWE : CWE-287 Improper...

0.1AI score
Exploits0
ripstech
ripstech
added 2016/12/01 10:0 a.m.14 views

FreePBX 13: From Cross-Site Scripting to Remote Command Execution

RIPS Analysis The total amount of detected vulnerabilities is very high. Luckily, the majority of the detected vulnerabilities are inside the administration control panel, such that attackers either need to steal a valid account first or they have to trick an administrator into visiting a malicio...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2009/12/04 12:0 a.m.51 views

Invision Power Board 2.3.6/3.0.4 - Local File Inclusion / SQL Injection

============================================= - Severity: Moderately High ============================================= I. VULNERABILITY ------------------------- Invision Power Board = 3.0.4 Local PHP File Inclusion and SQL Injection Invision Power Board = 2.3.6 SQL Injection II. BACKGROUND...

7.4AI score
Exploits0
Rows per page
Query Builder