
5900 matches found

Exploit DB
added 2015/11/12 12:0 a.m., 44 views

R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities

R-Scripts VRS 7R Multiple Stored XSS And CSRF Vulnerabilities Vendor: R-Scripts Product web page: http://www.r-scripts.com Affected version: 7R Summary: PHP Vacation Rental Script is the best solution for your vacation rentals online business. Desc: The application allows users to perform certain...

7.4 AI score
Exploits: 0
exploitpack
added 2015/11/12 12:0 a.m., 24 views

R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities

R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities R-Scripts VRS 7R Multiple Stored XSS And CSRF Vulnerabilities Vendor: R-Scripts Product web page: http://www.r-scripts.com Affected version: 7R Summary: PHP Vacation Rental Script is the best solution for your vacation rentals online...

0.1 AI score
Exploits: 0
0day.today
added 2015/11/06 12:0 a.m., 28 views

NXFilter 3.0.3 - CSRF Vulnerabilities

Exploit for jsp platform in category web applications Vendor: ================================ www.nxfilter.org/p2/ Product: ================================ NXFilter v3.0.3 Vulnerability Type: ================================= Cross site request forgery - CSRF Vulnerability Details:...

7.1 AI score
Exploits: 0
Exploit DB
added 2015/11/06 12:0 a.m., 24 views

NXFilter 3.0.3 - Cross-Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-NXFILTER-CSRF.txt Vendor: ================================ www.nxfilter.org/p2/ Product: ================================ NXFilter v3.0.3 Vulnerability Type:...

7.4 AI score
Exploits: 0
0day.today
added 2015/11/02 12:0 a.m., 23 views

Joomla com_ebcontent SQL Injection Vulnerability

Exploit for php platform in category web applications Joomla comebcontent SQL Injection Vulnerability Test on: kali linux Hompage: dont have Version: all version Dork: inurl:option=comebcontent Vuln: http://site.com/index.php?option=comebcontent&view=article&tmpl=component&id=sql...

7.1 AI score
Exploits: 0
Packet Storm
added 2015/10/30 12:0 a.m., 18 views

PHP Server Monitor 3.1.1 Cross Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-CSRF.txt Vendor: ================================ www.phpservermonitor.org...

0.1 AI score
Exploits: 0
Vulnrichment
added 2015/10/28 10:0 a.m., 3 views

CVE-2015-6492

Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service (memory corruption and device crash) via a crafted HTTP request...

5.8 AI score, 0.03303 EPSS
Exploits: 0, References: 1
Packet Storm
added 2015/10/23 12:0 a.m., 38 views

Realtyna RPL 8.9.2 CSRF / Cross Site Scripting

Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities Vendor: Realtyna LLC Product web page: https://www.realtyna.com Affected version: 8.9.2 Summary: Realtyna CRM Client Relationship Management Add-on for RPL is a Real Estate CRM specially designed and developed based on...

0.00136 EPSS
Exploits: 6
Exploit DB
added 2015/10/19 12:0 a.m., 27 views

RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities

RealtyScript v4.0.2 Multiple CSRF And Persistent XSS Vulnerabilities Vendor: Next Click Ventures Product web page: http://www.realtyscript.com Affected version: 4.0.2 Summary: RealtyScript is award-winning real estate software that makes it effortless for a real estate agent, office, or...

7.4 AI score
Exploits: 0
Zero Science Lab
added 2015/10/19 12:0 a.m., 34 views

RealtyScript v4.0.2 Multiple CSRF And Persistent XSS Vulnerabilities

Summary RealtyScript is award-winning real estate software that makes it effortless for a real estate agent, office, or entrepreneur to be up and running with a real estate web site in minutes. The software is in daily use on thousands of domain names in over 40 countries and has been translated...

5.9 AI score
Exploits: 0
exploitpack
added 2015/10/19 12:0 a.m., 15 views

RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery Persistent Cross-Site Scripting Vulnerabilities

RealtyScript 4.0.2 - Multiple Cross-Site Request Forgery Persistent Cross-Site Scripting Vulnerabilities RealtyScript v4.0.2 Multiple CSRF And Persistent XSS Vulnerabilities Vendor: Next Click Ventures Product web page: http://www.realtyscript.com Affected version: 4.0.2 Summary: RealtyScript is...

7.2 AI score
Exploits: 0
0day.today
added 2015/10/19 12:0 a.m., 30 views

RealtyScript 4.0.2 - Multiple CSRF And Persistent XSS Vulnerabilities

Exploit for php platform in category web applications RealtyScript v4.0.2 Multiple CSRF And Persistent XSS Vulnerabilities Vendor: Next Click Ventures Product web page: http://www.realtyscript.com Affected version: 4.0.2 Summary: RealtyScript is award-winning real estate software that makes it...

7.1 AI score
Exploits: 0
Packet Storm
added 2015/10/11 12:0 a.m., 22 views

Dream CMS 2.3.0 Cross Site Request Forgery

Dream CMS 2.3.0 CSRF Add Extension And File Upload PHP Code Execution...

0.6 AI score
Exploits: 0
Check Point Advisories
added 2015/10/08 12:0 a.m., 0 views

Reprise License Manager edit_lf_get_data Directory Traversal

A directory traversal vulnerability exists in the Reprise License Manager. The vulnerability is due to insufficient input validation while processing HTTP requests to the edit_lf_get_data operation. A remote authenticated attacker can leverage this vulnerability by sending crafted HTTP requests to t...

1.3 AI score
Exploits: 0
Check Point Advisories
added 2015/10/06 12:0 a.m., 4 views

Endian Firewall Proxy Password Change Command Execution (CVE-2015-5082)

A command injection vulnerability has been reported in Endian Firewall. The vulnerability is due to an input validation error in a CGI script. A remote, authenticated attacker can exploit this vulnerability by sending crafted HTTP requests to the target. Successful exploitation could lead to remo...

10 CVSS, 2 AI score, 0.86671 EPSS
Exploits: 5
Check Point Advisories
added 2015/10/06 12:0 a.m., 0 views

phpFileManager cmd Parameter Command Execution

A remote command execution vulnerability exists in phpFileManager. The vulnerability is due to a design weakness when handling HTTP requests with "action" parameter set to 6 or 9. A remote user can exploit this vulnerability by injecting arbitrary command in the "cmd" parameter...

1.7 AI score
Exploits: 0
Prion
added 2015/10/02 3:59 p.m., 10 views

Code injection

Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211...

6.8 CVSS, 6.8 AI score, 0.00309 EPSS
Exploits: 0, References: 2, Affected Software: 2
Cvelist
added 2015/10/02 3:0 p.m., 22 views

CVE-2015-6309

Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to cause a denial of service (file-descriptor consumption and device reload) via crafted HTTP requests, aka Bug ID CSCuw32211...

6.3 AI score, 0.00309 EPSS
Exploits: 0, References: 2
Hacker One
added 2015/10/01 10:39 a.m., 36 views

Imgur: Crossdomain.xml settings on api.imgur.com too open

The crossdomain.xml file hosted at http://api.imgur.com/crossdomain.xml was too open. This allowed SWF files to make HTTP requests and see its response. If this was not changed, then attacker.com can embed a SWF on attacker.com/example.html that makes an HTTP request to http://api.imgur.com/. Th...

0.1 AI score
Exploits: 0
Check Point Advisories
added 2015/09/30 12:0 a.m., 0 views

Avira Management Console Server HTTP Header Processing Heap Buffer Overflow

A heap buffer overflow vulnerability has been reported in Avira Management Console Server. The vulnerability exists in the way Update Manager Service handles overly long HTTP headers. A remote unauthenticated attacker could exploit this vulnerability by sending crafted HTTP requests to the server...

2.4 AI score
Exploits: 0