92 matches found
CVE-2019-14696
Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter...
CVE-2019-8437
njiandan-cms through 2013-05-23 has index.php/admin/usernew CSRF to add an administrator...
CVE-2019-9550
DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS...
WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-09134)
WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. A stored cross-site scripting vulnerability exists in index.php?m=core&f=index in WUZHI CMS 4.1.0, which can be exploited by remote attackers to inject arbitrary web script or HTML...
EyesOfNetwork web interface 'graph' parameter SQL injection vulnerability
EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A SQL injection vulnerability...
CVE-2017-8897
Invision Power Services IPS Community Suite 4.1.19.2 and earlier has pre-auth reflected XSS in the IPS UTF8 Converter v1.1.18: admin/convertutf8/index.php?controller= is the attack vector. This UTF8 Converter vulnerability can easily be used to make a malicious announcement affecting any Invision...
File upload vulnerability in PHPCMS Content Publishing Management function module
PHPCMS is a website management software. The software adopts modular development and supports a variety of classification methods, using it can easily realize the design, development and maintenance of personalized websites. There is a file upload vulnerability in the PHPCMS content publishing...
HiDisk 2.4 iOS - (FolderPath) Persistent Vulnerability
Document Title: =============== HiDisk 2.4 iOS - FolderPath Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1496 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 1496...
HiDisk 2.4 iOS - (FolderPath) Persistent Vulnerability
Document Title: =============== HiDisk 2.4 iOS - FolderPath Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1496 Release Date: ============= 2015-05-18 Vulnerability Laboratory ID VL-ID: ==================================== 1496...
Multiple SQL Injection Vulnerabilities in Fork CMS
Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A SQL injection vulnerability exists in Translations in Fork CMS versions prior to 3.8.6. The 'language' and 'type' parameters are not...
USB Disk Free v1.0 iOS - File Include Vulnerability
Document Title: =============== USB Disk Free v1.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id= Release Date: ============= 2014-10-10 Vulnerability Laboratory ID VL-ID: ==================================== 1340 Commo...
Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability
Document Title: =============== Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1157 Release Date: ============= 2013-12-05 Vulnerability Laboratory ID VL-ID: ====================================...