7736 matches found
VideoWhisper Video Conference Cross Site Scripting
============================================================== Title ...| VideoWhisper Video Conference XSS Version .| Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| ==============================================================...
Open-School Community Edition 2.2 Cross Site Scripting
============================================================== Title ...| Open-School Community Edition 2.2 Version .| osv2.2-CE.zip Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net ============================================================== + From admin user:...
X2Engine 3.7.3 Cross Site Scripting / Shell Upload / SQL Injection
============================================================== Title ...| Multiple vulnerabilities in X2Engine Version .| X2Engine 3.7.3 Date ....| .02.2014 Found ...| HauntIT Blog Home ....| ============================================================== + For admin logged in...
PHP-CMDB 0.7.3 Cross Site Scripting / SQL Injection
============================================================== Title ...| Multiple vulnerabilities in PHP-CMDB Version .| php-cmdb0.7.3 Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| ============================================================== + From admin logged-in...
PHP Calendar 2.0.1 XSS / Information Disclosure
============================================================== Title ...| PHP Calendar Multiple vulnerabilities Version .| php-calendar-2.0.1.zip Date ....| 27.02.2014 Found ...| HauntIT Blog Home ....| http://sourceforge.net ============================================================== + As gue...
WordPress Zedity 2.4.0 Cross Site Scripting
============================================================== Title ...| Zedity XSS Version .| zedity.2.4.0 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://wordpress.org/plugins/ ==============================================================...
WordPress VideoWhisper Live Streaming 4.29.6 Cross Site Scripting
============================================================== Title ...| XSS in VideoWhisper Live Streaming Version .| 4.29.6 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://wordpress.org/plugins/ ==============================================================...
WordPress PrintFriendly 3.3.7 Cross Site Scripting
============================================================== Title ...| XSS in PrintFriendly Version .| printfriendly 3.3.7 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://wordpress.org/plugins/ ==============================================================...
WordPress Post To PDF 2.3.1 Cross Site Scripting
============================================================== Title ...| XSS in WP Post to PDF Version .| wp-post-to-pdf.2.3.1 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://wordpress.org/plugins/ ==============================================================...
WordPress Widget Control 1.0.1 Cross Site Scripting
============================================================== Title ...| XSS in Widget Control Powered By Everyblock Version .| widget-control-powered-by-everyblock.1.0.1 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://wordpress.org/plugins/...
WordPress Thanks You Counter Button 1.8.7 Cross Site Scripting
============================================================== Title ...| Thanks You Counter Button XSS Version .| thanks-you-counter-button 1.8.7 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| http://www.wordpress.org/plugins/...
Zen Cart E-Commerce 1.5.1 XSS / Open Redirect / Shell Upload
============================================================== Title ...| Multiple vulnerabilities in Zen Cart e-commerce Version .| zen-cart-v1.5.1-full-fileset-09182012 Date ....| 23.02.2014 Found ...| HauntIT Blog Home ....| ============================================================== + For...
ILIAS 4.4.1 Cross Site Scripting / Shell Upload Vulnerabilities
ILIAS version 4.4.1 suffers from cross site scripting and remote shell upload vulnerabilities. ============================================================== Title ...| Multiple vulnerabilities in ILIAS Version .| ilias-4.4.1.zip Date ....| 21.02.2014 Found ...| HauntIT Blog Home ....| www.ilias....
WordPress Acunetix WP Security Make Backup 4.0.3 CSRF Vulnerability
Acunetix WordPress WP Security Make Backup plugin version 4.0.3 suffers from a cross site request forgery vulnerability. Exploit Title: Wordpress Plugin - Acunetix WP Security Make Backup CSRF Date: 2014 11 Fabruary Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for:...
WordPress Acunetix WP Security Make Backup 4.0.3 CSRF
Exploit Title: Wordpress Plugin - Acunetix WP Security Make Backup CSRF Date: 2014 11 Fabruary Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://wordpress.org/plugins/wp-security-scan/ Tested on: Linux &...
Z-Blog的php版官方blog存在sql注入(仅仅官方)
简要描述: 操蛋捏 详细说明: 注入地址http://app.rainbowsoft.org/?zba=220 呵呵,好久没法洞了, 漏洞证明:...
Z-Blog旗下DBS主机漏洞可获得客户域名账号密码
简要描述: Z-Blog旗下DBS主机漏洞存在严重的注入漏洞。客户得到所有的域名账号、密码。 详细说明: 1、用的华众的系统,直接看图,查询代码是这样写的。 2、嘎嘎,注册个会员【te】搞定。决定是超另类的注入。登陆后,点击域名管理: 查询语句就变成了 ufatstr like '%,te,%' 漏洞证明:...
CVE-2014-1915
Multiple cross-site request forgery CSRF vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of 1 administrators for requests that change the administrator password via an update action to sw/adminchangepassword.php or 2...
Eventy Online Scheduler 1.8 - Multiple Vulnerabilities
Eventy Online Scheduler 1.8 - Multiple Vulnerabilities Eventy Online Scheduler V1.8 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home :...
Bit 5 Blog processlogin.php username Parameter SQL Injection - Ver2 (CVE-2006-0320)
An SQL injection vulnerability has been reported in Bit 5 Blog. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...