76 matches found
CVE-2017-14725
Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php...
Open redirect
Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php...
Cross site scripting
The callmsg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer...
CVE-2017-14195
The callmsg function in controllers/Form.php in dayrui FineCms 5.0.11 might have XSS related to the Referer HTTP header with Internet Explorer...
SQL injection
SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute arbitrary SQL commands via the userid parameter to plugins/webform/new-form.php, which is not properly handled by plugins/useradmin/fingeruser.php...
CVE-2014-4555
CVE-2014-4555 is an XSS vulnerability in the WordPress plugin Style It (versions 1.0 and earlier). The flaw exists in fonts/font-form.php and allows remote attackers to inject arbitrary JavaScript/HTML via the mode parameter. Exploitation status is not detailed in the provided documents, but mult...
ezUpload 2.2 form.php path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...
eoCMS <= 0.9.03 Remote File Include Vulnerability
No description provided by source. Exploit Title: eoCMS <= 0.9.03 Remote File Include Vulnerability Date: 14-12-2009 Author: 1nd0n3s14n l4m3r Software Link: http://eocms.com/index.php?act=plugin&id=4 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A eoCMS <= 0.9.03 Remote File Include...
CmsEasy 5.5 /lib/tool/form.php code execution vulnerability
No description provided by source...
SaurusCMS <=upd 4.7.1 Multiple Remote File Inclusion
Exploit for php platform in category web applications...
WebDM CMS - SQL Injection
WebDM CMS SQL Injection Vulnerability Author: Dr.0rYX and Cr3w-DZ...
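PHP168 V6.02 form.php cross-site scripting vulnerability
PHP168 is currently the most powerful site-building system in the PHP field. Its code is fully open source, which makes secondary development very convenient, all functional modules can be freely installed and removed, and it is completely free for individual users. Insufficient filtering in the form.php page leads to a cross-site scripting vulnerability. PHP168 V6.0220100504 Vendor patch: PHP168: The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version: http://www.php168.net/ http://www.target.com/do/form.php?mid=3"XSS...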
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) pg parameter to index.php and the (2) path parameter to news/form.php...
SQL injection
SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter...
CVE-2009-4667
The CVE-2009-4667 entry concerns a SQL injection in WebMember 1.0 accessing form.php via the formID parameter. The vulnerability affects the form.php handler and can be triggered by an authenticated remote user, enabling arbitrary SQL execution. Affected software is WebMember 1.0; specific exploi...
SilverStripe < 2.3.6 Multiple Vulnerabilities
Binary data 5345.prm...
intuitive - form.php SQL Injection
intuitive form.php SQL Injection Vulnerability. Author: AtT4CKxT3rR0r1ST. Home: www.sec-attack.com/vb (Sec Attack Team). Script: http://www.intuitive-websites.com/. Bug Type ...