Sql injection

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

CVE-2020-15301

SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template operation...

CVE-2020-15301

SuiteCRM is affected by a CSV Injection vulnerability (Formula Injection) in the Accounts module. OSV records describe affected versions v7.11.18–v7.11.19 and v7.10.29–v7.10.31, where a low-privileged attacker can inject payloads into input fields; when an administrator exports data to CSV from t...

Arbitrary file deletion

The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. This allows the deletion of configuration.php, which leads to certain privilege checks not being in place, and therefore a user can escalate privileges to admin...

CVE-2019-17233

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...

ExpressionEngine: Import File Converter - local File inclusion

@lawrenceamer discovered a local file inclusion vulnerability that logged in users with access to the control panel and permission to access developer utilities may be able to exploit. @lawrenceamer gave a detailed report with step-by-step instructions for replicating and screen captures of a the...

WinRar 5.30 beta 4 - Settings Import Command Execution Exploit

Exploit for windows platform in category local exploits !/usr/bin/python -w Title : WinRar Settings Import Command Execution Date : 02/10/2015 Author : R-73eN Tested on : Windows 7 Ultimate Vulnerable Versions : Winrar 5.30 beta 4 The vulnerability exists in the "Import Settings From File"...

Real-DRAW PRO 5.2.4 - Import File Crash

Real-DRAW PRO 5.2.4 - Import File Crash Real-DRAW PRO 5.2.4 Import File Crash =================================================================================== Exploit Title:Real-DRAW PRO 5.2.4 Malicious PNG File Denial of service Vendor : http://www.mediachance.com/ Author: Ahmed Elhady Mohame...

Real-DRAW PRO 5.2.4 Denial Of Service

Real-DRAW PRO 5.2.4 Import File Crash =================================================================================== Exploit Title:Real-DRAW PRO 5.2.4 Malicious PNG File Denial of service Vendor : http://www.mediachance.com/ Author: Ahmed Elhady Mohamed Email : [email protected]...

Easy Audio Editor Local SEH Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python print"" print" Exploit Title: Easy Audio Editor Local SEH Exploit " print" Author: Angel Injection " print" Tested On: Windows xp sp3 " print" Usage: Import File, Select It, " print"" windows/exec - 303 bytes CMD=calc.ex...

Abee Chm Maker 1.9.5 (CMP File) Stack overflow Exploit

Exploit for unknown platform in category local exploits ====================================================== Abee Chm Maker 1.9.5 CMP File Stack overflow Exploit ====================================================== exploit.py Abee Chm Maker 1.9.5 Stack overflow Exploit By:Encrypt3d.M!nd After...