47 matches found
Sql injection
An SQL Injection vulnerability exists in Sourcecodester Simple Music Clour Community System 1.0 via the email parameter in /music/ajax.php...
CVE-2021-46200
Affected software: Sourcecodester Simple Music Clour Community System v1.0. Root cause: SQL Injection via the email parameter in /music/ajax.php due to improper input filtering. Impact: high across confidentiality, integrity, and availability (per CVSS 3.1/9.8). Attack vector: network; no user in...
XSS Vulnerability in Octopus-Forum
Octopus-Forum is a community system developed using java. Octopus-Forum suffers from an XSS vulnerability that can be exploited by attackers to obtain sensitive information such as user cookies...
ThinkSAAS SQL Injection Vulnerability (CNVD-2021-27807)
ThinkSAAS is a lightweight php open source community system , is a can be used to build discussion groups , bbs forums and circles open open source community system . ThinkSAAS before version 3.38 SQL injection vulnerability exists . The vulnerability is caused by the...
Logical design flaws in the web-based training community system
Beijing Sinew Education Technology Co., Ltd. is a comprehensive education technology company that focuses on serving the enrollment and training of higher adult continuing education; professional development training for teachers; research and development of technology related to large-scale onli...
How I was in the Google collaboration community GWC found the reflection type, a storage type, the DOM type of vulnerability? - Vulnerability warning-the black bar safety net
! Google for Work Connect, the GWC is a System, Application Administrator, and partner community of system, but also in Google's vulnerability reward range. Shortly before, I was in the GWC community system found reflection type, a storage type, the DOM typeXSS. The storage typeXSS In the GWC...
ArsDigita Community System 3.4.x Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22121/info ArsDigita Community System is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...
phpOCS <= 0.1-beta3 (index.php act) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl phpOCS = 0.1-beta3 Local File Inclusion Vulnerability Script: phpOCS is a fully featured Online...
CVE-2010-1923
CVE-2010-1923 affects Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System. The vulnerability is a SQL injection in user.php that allows an attacker to inject SQL via the id parameter in the showgallery action , leading to possible arbitrary SQL execution. Documents consistently descr...
Web 2.0 Social Network Freunde Community System SQL Injection
----------------------------Information------------------------------------------------ +Name : Web 2.0 Social Network Freunde Community System SQL Injection Vulnerability +Autor : Easy Laster +ICQ : 11-051-551 +Date : 08.05.2010 +Script : Web 2.0 Social Network Freunde Community System +Download...
Web 2.0 Social Network Freunde Community System - user.php SQL Injection
Web 2.0 Social Network Freunde Community System - user.php SQL Injection source: https://www.securityfocus.com/bid/40264/info Web 2.0 Social Network Freunde Community System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in ...
phpOCS <= 0.1-beta3 (index.php act) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpOCS = 0.1-beta3 Local File Inclusion Vulnerability Script: "phpOCS is a fully featured Online...
PHPOCS 0.1-beta3 - act Local File Inclusion
PHPOCS 0.1-beta3 - act Local File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpOCS = 0.1-beta3 Local File Inclusion Vulnerability Script: "phpOCS is a fully featur...
phpocs-lfi.txt
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpOCS = 0.1-beta3 Local File Inclusion Vulnerability Script: "phpOCS is a fully featured Online Community System. It has fully...
PHPOCS 0.1-beta3 - 'act' Local File Inclusion
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpOCS = 0.1-beta3 Local File Inclusion Vulnerability Script: "phpOCS is a fully featured Online Community System. It has fully...
phpOCS <= 0.1-beta3 (index.php act) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ====================================================================== phpOCS = 0.1-beta3 index.php act Local File Inclusion Vulnerability ====================================================================== :::::::-. ... ::::::. :::. ;;...
ArsDigita Community System目录遍历漏洞
ArsDigita Community System是一款基于WEB的应用程序。 ArsDigita Community System不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是程序对用户提交URL参数缺少过滤,提交包含多个".%252e/"字符作为参数数据,可绕过WEB ROOT限制,以WEB权限查看系统文件内容。 Ars Digita Community System ACS 3.4.10 Ars Digita Community System ACS 3.4.9 Ars Digita Community Education Solution...
CVE-2007-0389
Directory traversal vulnerability in ArsDigita Community System ACS 3.4.10 and earlier, and ArsDigita Community Education Solution ACES 1.1, allows remote attackers to read arbitrary files via .%252e/ double-encoded dot dot slash sequences in the URI...
CVE-2007-0389
The CVE-2007-0389 issue affects ArsDigita Community System (ACS) 3.4.10 and earlier and ArsDigita Community Education Solution (ACES) 1.1. It is a directory traversal vulnerability that lets an attacker read arbitrary files by sending URIs containing double-encoded sequences like .%252e/. The pro...
ArsDigita Community System 3.4.x - Directory Traversal
ArsDigita Community System 3.4.x - Directory Traversal source: https://www.securityfocus.com/bid/22121/info ArsDigita Community System is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...