72 matches found
Infovista VistaPortal SE Cross-Site Scripting Vulnerability (CNVD-2019-07218)
Infovista VistaPortal SE is a Web-based application from Infovista USA. A cross-site scripting vulnerability exists in the '/VPortal/mgtconsole/Subscribers.jsp' page in Infovista VistaPortal SE version 5.1 build 51029, which can be exploited by a remote attacker with the help of the The...
ZeeBuddy SQL Injection Vulnerability
ZeeBuddy is a social networking system based on PHP and MySQL. A SQL injection vulnerability exists in ZeeBuddy version 2x. A remote attacker can exploit this vulnerability by sending the 'groupid' parameter to the admin/editadgroup.php file to inject SQL commands to access or modify database dat...
ZeeBuddy 2x - groupid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ZeeBuddy 2x - SQL Injection Vendor Homepage: http://www.zeescripts.com/ Software Link: http://www.zeebuddy.com/ Demo: http://www.zeebuddy.com/demo/ Version: 2x Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2017-1597...
CVE-2017-15976
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604...
Sql injection
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604...
CVE-2017-15976
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604...
SQL Injection Vulnerability in Groupid Parameter of EAP Digital Campus Integration Management Platform of Guangzhou Zhongda Dongri Education Technology Co.
EAP platform, abbreviated as EAP Enterprise Application Platform, enterprise application platform, also known as enterprise management software platform, is a highly open, integrated with a number of enterprise management software modules. Ltd. EAP digital campus integrated management platform...
Cross site scripting
Cross-site scripting XSS vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php...
CVE-2012-4178
SQL injection vulnerability in spywall/includes/deptUploadsdata.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...
Sql injection
SQL injection vulnerability in spywall/includes/deptUploadsdata.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...
Sql injection
Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via 1 the catid parameter to category.php or 2 the groupid parameter to editadgroup.php...
PT-2006-6622 · Infinicart · Infinicart
Name of the Vulnerable Software and Affected Versions: INFINICART affected versions not specified Description: The issue concerns SQL injection vulnerabilities that could allow remote attackers to execute arbitrary SQL commands. This is possible via several parameters in different ASP files,...