422 matches found
CVE-2024-28396
An issue in MyPrestaModules ordersexport v.6.0.2 and before allows a remote attacker to execute arbitrary code via the download.php component...
CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...
CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...
CVE-2024-0465
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2024-0465 code-projects Employee Profile Management System download.php path traversal
A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the argument downloadfile leads to path traversal: '../filedir'. The exploit has been disclosed to the...
CVE-2023-7149
A vulnerability was found in code-projects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file /download.php?file=author.png. The manipulation of the argument file with the input " leads to cross site scripting. It is possible to initiate the...
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform Operating System Command Injection Vulnerability
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform is a Multi-Service Secure Gateway Intelligent Management Platform from Beijing Baichuo, China. Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform 20230928 and earlier...
KPOT Stealer CMS 2.0 Directory Traversal
==================================================================================================================================== | Title : KPOT Stealer CMS v2.0 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0....
ConverTo Video Downloader And Converter 1.4.2 File Download
==================================================================================================================================== | Title : ConverTo Video Downloader & Converter v1.4.2 - Arbitrary File Download Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | |...
WordPress KAP Theme 2.0 Directory Traversal
==================================================================================================================================== | Title : Wordpress KAP-theme v2.0 Directory Traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
CVE-2023-30198
Prestashop winbizpayment = 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php...
PT-2023-22580 · Prestashop · Prestashop Winbizpayment
Name of the Vulnerable Software and Affected Versions: Prestashop winbizpayment versions 1.0.2 and earlier Description: The issue is related to Incorrect Access Control. It affects the downloads/download.php file in the modules/winbizpayment directory. Recommendations: For Prestashop winbizpaymen...
CVE-2023-30196
Prestashop salesbooster = 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php...
CVE-2023-30196
Prestashop salesbooster = 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php...
CVE-2023-30199
Prestashop customexporter = 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php...
Improper access control
Prestashop customexporter = 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php...
CVE-2023-30199
Prestashop customexporter = 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php...
Sql injection
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php...
CVE-2022-41390
OcoMon v4.0 was discovered to contain a SQL injection vulnerability via the cod parameter at download.php...