121 matches found
Infovista VistaPortal SE Cross-Site Scripting Vulnerability (CNVD-2019-07232)
Infovista VistaPortal SE is a Web-based application from Infovista USA. A cross-site scripting vulnerability exists in the PresentSpace.jsp page in Infovista VistaPortal SE version 5.1 build 51029, which can be exploited by a remote attacker to inject arbitrary web script or HTML with the help of...
Infovista VistaPortal SE Cross-Site Scripting Vulnerability (CNVD-2019-07223)
Infovista VistaPortal SE is a Web-based application from Infovista USA. A cross-site scripting vulnerability exists in the EditCurrentPresentSpace.jsp page in Infovista VistaPortal SE version 5.1 build 51029, which can be exploited by a remote attacker to inject arbitrary code with the help of th...
VistaPortal SE 5.1 Cross Site Scripting
Complete list: CVE-2018-19649, CVE-2018-19765, CVE-2018-19766, CVE-2018-19767, CVE-2018-19768, CVE-2018-19769, CVE-2018-19770, CVE-2018-19771, CVE-2018-19772, CVE-2018-19773, CVE-2018-19774, CVE-2018-19775, CVE-2018-19809, CVE-2018-19810, CVE-2018-19811, CVE-2018-19812, CVE-2018-19813,...
CVE-2018-15888
An issue was discovered in ASPCMS 2.5.6. When registering ordinary users in the addUser function of the /member/reg.asp page, they can be registered with the super administrators GroupID directly...
CVE-2018-15888
An issue was discovered in ASPCMS 2.5.6. When registering ordinary users in the addUser function of the /member/reg.asp page, they can be registered with the super administrators GroupID directly...
ZeeBuddy 2x - groupid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ZeeBuddy 2x - SQL Injection Vendor Homepage: http://www.zeescripts.com/ Software Link: http://www.zeebuddy.com/ Demo: http://www.zeebuddy.com/demo/ Version: 2x Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2017-1597...
ZeeBuddy SQL Injection Vulnerability
ZeeBuddy is a social networking system based on PHP and MySQL. A SQL injection vulnerability exists in ZeeBuddy version 2x. A remote attacker can exploit this vulnerability by sending the 'groupid' parameter to the admin/editadgroup.php file to inject SQL commands to access or modify database dat...
CVE-2017-15976
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604...
Sql injection
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604...
CVE-2017-15976
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604...
SQL Injection Vulnerability in Groupid Parameter of EAP Digital Campus Integration Management Platform of Guangzhou Zhongda Dongri Education Technology Co.
EAP platform, abbreviated as EAP Enterprise Application Platform, enterprise application platform, also known as enterprise management software platform, is a highly open, integrated with a number of enterprise management software modules. Ltd. EAP digital campus integrated management platform...
1caitong通用型电子采购平台系统 GroupNewsList.aspx 参数GroupId SQL盲注漏洞
No description provided by source...
ManageEngine Applications Manager CommonAPIUtil getMGList groupId SQL Injection
An SQL injection vulnerability exists in ManageEngine Applications Manager. This vulnerability is due to insufficient validation of the groupId parameter when processing requests using the getMGList method of the CommonAPIUtil class...
SCO Open Server 5.0.5 cancel Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/702/info There is a buffer overflow vulnerability in /opt/K/SCO/Unix/5.0.5Eb/.softmgmt/var/usr/bin/cancel. It is important to know that the overflows are not in /usr/bin/cancel or /usr/lpd/remote/cancel. The consequence o...
Cross site scripting
Cross-site scripting XSS vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php...
Sql injection
Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the 1 memberid or 2 groupid parameters in a removemember action or 3 id parameter to...
CVE-2012-4178
SQL injection vulnerability in spywall/includes/deptUploadsdata.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...
Sql injection
SQL injection vulnerability in spywall/includes/deptUploadsdata.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...
Sql injection
Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via 1 the catid parameter to category.php or 2 the groupid parameter to editadgroup.php...
CVE-2007-0049
Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp...