BoltWire <= 3.5 Multiple XSS Vulnerabilities

BoltWire is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Onpub CMS 1.41.5 - Multiple SQL Injections

Onpub CMS 1.41.5 - Multiple SQL Injections Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory I...

Onpub CMS 1.4/1.5 - Multiple SQL Injections

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory ID VL-ID: ==================================...

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-25 Vulnerability Laboratory ID VL-ID: ==================================...

Onpub CMS 1.4 / 1.5 SQL Injection

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory ID VL-ID: ==================================...

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-25 Vulnerability Laboratory ID VL-ID: ==================================...

CVE-2013-2651

Multiple cross-site scripting XSS vulnerabilities in BoltWire 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 "p" or 2 content parameter to index.php...

Sql injection

SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php...

CVE-2013-6243

SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.php...

WordPress Landing Pages Plugin <=1.2.3 - SQL Injection

Because of this vulnerability, the attackers can execute arbitrary SQL commands via the "post" parameter to index.php. Solution Update the plugin...

CVE-2013-5979

The CVE-2013-5979 issue affects Spring Signage Xibo 1.2.x (pre-1.2.3) and 1.4.x (pre-1.4.2). A directory traversal flaw allows remote attackers to read arbitrary files by supplying a .. in the p parameter to index.php. Impact: potential exposure of sensitive server files. Root cause: insufficient...

Wapkul Beta 3 SQL Injection Vulnerability

Exploit for php platform in category web applications / \ / | / \ /000000 | 00 | /000000 | 00 \00/ / \ / \ / \ 00 \ / / \ / \ 00 \00/ / \ / | 00 \ 000000 |/000000 |000000 |0000000 |000000 0000 | 000000 | 00 \ /000000 |/0000000/ 000000 | / 00 |00 | 00/ / 00 |00 | 00 |00 | 00 | 00 | / 00 | 000000...

Directory traversal

Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the file parameter to index.php/admin/translationManager...

CVE-2013-5693

Cross-site scripting XSS vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor...

CVE-2013-5693

CVE-2013-5693 affects X2Engine X2CRM

Sql injection

SQL injection vulnerability in Ginkgo CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the rang parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in install/forumdata/src/customfields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from...

Sql injection

SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATHINFO to index.php...

Linesis SQL Injection

/ / / \ / / / / / / / / / / / // / / / / / / // / // / / / / | // / / / / / // / / / // / /,// /////,// ///// , / // Linesis index.php,Kid SQL Injection Vulnerability AuthorPentester: Miyachung Special Thanks : All Janissaries TeamB127Y,eno7,TheMirkin,PaRaNTeZ,M-A,n4sss Dork : "Powered by...

Ginkgo CMS - index.php?rang SQL Injection

Ginkgo CMS - index.php?rang SQL Injection /\ \ /\ \ /\ \ /\ \ /\ \ /\ \ /\ /\ \ \ \ \ //\ \///'/'\ \ \ \ \ /'\ \ \ \L\ \ \ \ \ \ \ \ \ /\ /\ \ \ \ \ //'/' \ \ \ /'\ /'\ \ , \ \ , /\ \ \ \ \ \ \ \L\ \ \ \ \ \ \ //'/' \ \ \ \ /\ \L./\ /\ \ \\ \ \ \ \ \ \ \ \ /\ / /\/\\ \ \ /.\...