25 matches found
GamePanelX-V3 Cross-Site Scripting Vulnerability
GamePanelX-V3 is a free, open source game control panel. A cross-site scripting vulnerability exists in GamePanelX-V3 version 3.0.12, which stems from the GamePanelX-V3-master/ajax/ajax.php URL failing to adequately filter user-supplied data. A remote attacker can exploit this vulnerability to...
WordPress SP Project & Document Manager plugin 'ajax.php' SQL injection vulnerability
WordPress is a blogging platform developed using the PHP language. The 'SP Project & Document Manager' plugin for WordPress suffers from a sql injection vulnerability in the implementation of 'ajax.php', which can be exploited by an attacker to take control of the application and perform...
Vulnerability in World Largest Video Site Turned Million of Visitors into DDoS Zombies
An application layer or 'layer 7' distributed denial of service DDoS attacks is one of the most complicated web attack that disguised to look like legitimate traffic but targets specific areas of a website, making it even more difficult to detect and mitigate. Just Yesterday Cloud-based security...
Multiple SQL Injection vulnerabilities in ClipBucket
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in ClipBucket, which can be exploited to perform SQL Injection attacks. 1 Multiple SQL Injections in ClipBucket: CVE-2012-5849 1.1 The vulnerability exists due to improper sanitation of input in multiple parameters within...
Ajax Script Cross Site Scripting / SQL Injection
Exploit Title: Ajax Script SQL Injection and XSS Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE SQL Injection and XSS can be done using the POST method. Tamper data is available. Vulnerable Page:...