WordPress Responsive Preview Plugin <= 1.1 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

AppCMS 1.3.890 /index.php SQL注入漏洞

No description provided by source...

Ecmall 2.0 /index.php SQL注入漏洞

No description provided by source...

Caldera 'cdir' Parameter Absolute Path Directory Traversal

The Caldera installation on the remote host contains a PHP script that is affected by a directory traversal vulnerability. A remote, unauthenticated attacker can exploit this issue by sending a crafted request to the '/dirmng/index.php' script, allowing access to arbitrary directories on the remo...

CVE-2014-0217

enrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the moodle/course:viewhiddencourses capability before listing hidden courses, which allows remote attackers to obtain sensitive name and summary information about these courses by leveraging the guest role and visiting a crafted URL...

CVE-2014-0217

The CVE-2014-0217 entry concerns Moodle 2.6.x (before 2.6.3) where enrol/index.php fails to verify the moodle/course:viewhiddencourses capability before listing hidden courses. This allows remote attackers, leveraging the guest role, to disclose sensitive course names and summaries by visiting a ...

CVE-2014-0217

enrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the moodle/course:viewhiddencourses capability before listing hidden courses, which allows remote attackers to obtain sensitive name and summary information about these courses by leveraging the guest role and visiting a crafted URL...

CVE-2014-3846

Cross-site scripting XSS vulnerability in Flying Cart allows remote attackers to inject arbitrary web script or HTML via the p parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in Flying Cart allows remote attackers to inject arbitrary web script or HTML via the p parameter to index.php...

CVE-2014-3846

Cross-site scripting XSS vulnerability in Flying Cart allows remote attackers to inject arbitrary web script or HTML via the p parameter to index.php...

FineCMS多个SQL注射漏洞

简要描述： FineCMS多个SQL注射 详细说明： 注射文件存在于：/fang/目录下index.php文件 射点一：http://www.dayrui.net/fang/index.php 以官方演示站演示证明： http://www.dayrui.net/fang/index.php?c=search&area=2395&catid=1&order=updatetime' http://www.dayrui.net/fang/index.php?c=search&area=2395&zujin=0%2C500&catid=1'...

Crime24 Stealer v1 /index.php SQL注入漏洞

No description provided by source...

CVE-2013-5939

Multiple cross-site scripting XSS vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the 1 list or 2 introduce parameter to index.php...

Xshop Cross Site Scripting

Exploit Title: Iran XshoP XSS Vulnerability Google Dork: Dork Is PerSian ! See End Of Demo ! Date: 2014-03-27 Exploit Author: Medrik Vendor Homepage: http://www.xshopsaz.ir/ Tested on: Windows ----------------- Proof : Vulnerability in : index.php Page With ftp Paramter ! Exploit :...

PTCeffect 4.6 /index.php 本地文件包含漏洞

No description provided by source...

CVE-2014-2689

Cross-site scripting XSS vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to installer/index.php...

BVS Site 4.0.1 / 5.2.1 Cross Site Scripting

Persistent Cross Site Scripting on BVS Site + Date: 02/05/2014 + Risk: HIGH + Author: Felipe Andrian Peixoto + Vendor Homepage: http://trac.reddes.bvsalud.org/projects/bvs-site/wiki/Downloads + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File: index.php + Dork...

Adem 0.5.1 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications ----------exploit Debut Local File Include Vulnerability ----------Script Info Author : JIKO ----------Script Info Site : https://github.com/4FSB/Adem && http://adem.faares.com/demo Version : 0.5.1 Download :...

Vtiger 6.0 /index.php 命令执行漏洞

No description provided by source...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in vwrooms\templates\logout.tpl.php in the VideoWhisper Webcam plugins for Drupal 7.x allow remote attackers to inject arbitrary web script or HTML via the 1 module or 2 message parameter to index.php...