phpkobo AjaxNewTicker Cross-Site Request Forgery Vulnerability
phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which stems from a cross-site request forgery (CSRF) vulnerability in the parameter txt of the file index.php...
phpkobo AjaxNewTicker Cross-Site Scripting Vulnerability
phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which stems from a cross-site scripting (XSS) vulnerability in the parameter cmd of the file index.php...
phpkobo AjaxNewTicker Cross-Site Scripting Vulnerability
phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which originates from a cross-site scripting (XSS) vulnerability in the file index.php...
CVE-2023-41445
CVE-2023-41445 affects the PHPKobo AjaxNewTicker product, version 1.0.5. The vulnerability is a Cross-Site Scripting (XSS) flaw in the index.php component that can be triggered by a crafted payload, enabling a remote attacker to execute arbitrary code within the context of the affected applicatio...
CVE-2023-41453
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...
CVE-2023-41452
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...
CVE-2023-41448
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component...
CVE-2021-38243
xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackers to execute arbitrary code via a crafted GET request...
PT-2023-12334 · Xunruicms · Xunruicms
Name of the Vulnerable Software and Affected Versions: xunruicms versions up to 4.5.1 Description: The issue allows attackers to execute arbitrary code via a crafted GET request to the /index.php endpoint. This enables the execution of arbitrary code, posing a significant risk. Recommendations: F...
Super Store Finder 3.7 Remote Command Execution Vulnerability
Vulnerability : Authenticated Arbitrary PHP Code Injection lead to Remote Code Execution Researcher : Etharus Vendor : Joe Iz, https://www.superstorefinder.net/ Demo Url : https://superstorefinder.net/products/superstorefinder/ Version Affected : 3.7 and below Date : 18 September 2023 FOFA Dork :...
Super Store Finder 3.7 Remote Command Execution
Vulnerability : Authenticated Arbitrary PHP Code Injection lead to Remote Code Execution Researcher : Etharus Vendor : Joe Iz, https://www.superstorefinder.net/ Demo Url : https://superstorefinder.net/products/superstorefinder/ Version Affected : 3.7 and below Date : 18 September 2023 FOFA Dork :...
PT-2023-6860 · Opnsense · Opnsense
Name of the Vulnerable Software and Affected Versions: OPNsense versions prior to 23.7.5 Description: The issue is related to the lack of protection of the web page structure in the OPNsense operating system. This can be exploited by a remote attacker to conduct cross-site scripting attacks using...
CVE-2023-42359
SQL injection vulnerability in Exam Form Submission in PHP with Source Code v.1.0 allows a remote attacker to escalate privileges via the val-username parameter in /index.php...
CVE-2023-5034
A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
Out-of-bounds
A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2023-5034 SourceCodester My Food Recipe Image Upload index.php unrestricted upload
A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
CVE-2023-4988
A vulnerability, which was classified as problematic, was found in Bettershop LaikeTui. This affects an unknown part of the file index.php?module=system&action=uploadImg. The manipulation of the argument imgFile leads to unrestricted upload. It is possible to initiate the attack remotely. This...
Kleeja 1.5.4 Cross Site Scripting
Title : Kleeja v1.5.4 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | Vendor :...
CVE-2023-4864
A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input alert'xss' leads to cross site scripting. It is possible to initiate the attack...