Lucene search
+L

1062 matches found

seebug.org
seebug.org
added 2015/09/25 12:0 a.m.30 views

Wordpress Plugin Store Locator Plus 4.2.23 Email Injection

如果我们拥有有效的“钥匙”就可以发送邮件给任何人File: store-locator-le\include\send-email.phpif !wpverifynonce$REQUEST'valid','em' die; $messageheaders = "From: "$GET'emailname'"...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/09/09 5:19 a.m.8 views

wirelesswave.ca XSS vulnerability

Vulnerable URL: http://www.wirelesswave.ca/stores/store-locator.asp?AddressInput=T0L 0X0" Details: Description| Value ---|--- Patched:| Yes, at 22.11.2017 Latest check for patch:| 22.11.2017 14:54 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 539891 Google...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/08/20 1:47 p.m.11 views

carecredit.com XSS vulnerability

Vulnerable URL: http://www.carecredit.com/doctor-locator/results/Vision/Eye-Exams-Eye-Glasses/LA-QUINTA-CA/?Name="=25=61 Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 14:13 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclose...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/08/20 1:37 p.m.18 views

carecredit.com XSS vulnerability

Vulnerable URL: http://www.carecredit.com/doctor-locator/results/xss/?City==MN1"=10=29 Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 14:13 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 22126 Google Pageran...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/08/20 1:32 p.m.16 views

carecredit.com XSS vulnerability

Vulnerable URL: http://www.carecredit.com/doctor-locator/results/45645ee/?City==MN1"=10=29 Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 14:13 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 22126 Google...

6.3AI score
Exploits0
CNVD
CNVD
added 2015/06/17 12:0 a.m.3 views

TYPO3 Store Locator Extension SQL Injection Vulnerability

TYPO3 is a free and open source content management system, Store Locator is a map locator extension plugin that displays store information. A SQL injection vulnerability exists in TYPO3 Store Locator, which allows remote attackers to exploit the vulnerability to submit specially crafted SQL queri...

6.5CVSS8AI score0.01049EPSS
Exploits0References1
NVD
NVD
added 2015/06/16 4:59 p.m.7 views

CVE-2015-4610

SQL injection vulnerability in the Store Locator locator extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS7.9AI score0.01049EPSS
Exploits0References3
Prion
Prion
added 2015/06/16 4:59 p.m.9 views

Sql injection

SQL injection vulnerability in the Store Locator locator extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS8.5AI score0.01049EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/06/16 4:0 p.m.30 views

CVE-2015-4610

The vulnerability affects the TYPO3 Store Locator extension (locator) prior to version 3.3.1 . It is a SQL injection flaw that allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. The issue originates from the extension’s handling of database queries, leadi...

6.5CVSS8.2AI score0.01049EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/06/16 4:0 p.m.16 views

CVE-2015-4610

SQL injection vulnerability in the Store Locator locator extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

7.9AI score0.01049EPSS
Exploits0References3
Typo3
Typo3
added 2015/06/15 12:0 a.m.10 views

SQL Injection vulnerability in extension Store Locator (locator)

It has been discovered that the extension "Store Locator" locator is susceptible to SQL Injection Release Date: June 15, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 3.3.0 and below Vulnerability Type: SQL...

7.3AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2015/05/31 12:0 a.m.9 views

WordPress Store Locator Plus Plugin <= 4.2.23 - Email Injection

Plugin is prone to an email injection vulnerability. Solution Update this plugin...

2.2AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.6 views

WordPress Store Locator Plugin <= 2.6.1 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...

2.4AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.4 views

WordPress Store Locator Plus Plugin <= 3.8.6 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update plugin...

6AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.9 views

WordPress Store Locator Plugin <= 3.33.1 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

6.1AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities of the Red Hat Enterprise Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the samba4-winbind-krb5-locator-4.0.0 package for the Red Hat Enterprise Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information...

7.9CVSS6.5AI score0.56378EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.3 views

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the samba-winbind-krb5-locator-3.5.6 package for the Red Hat Enterprise Linux operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

6.8CVSS6.4AI score0.10046EPSS
Exploits8References6
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the samba-winbind-krb5-locator-4.1.1 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited...

7.9CVSS6.5AI score0.56378EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The Samba4-winbind-krb5-locator-4.0.0 package from the CentOS operating system has multiple vulnerabilities. Its operation may lead to violations of the confidentiality, integrity, and accessibility of protected information...

7.9CVSS6.5AI score0.56378EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2015/04/17 12:0 a.m.2 views

Wordpress Ajax Store Locator SQL Injection Vulnerability

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. A SQL injection vulnerability exists in Wordpress Ajax Store Locator. An attacker can exploit this vulnerability to compromise the application, access or modify...

7.7AI score
Exploits0References1
Rows per page
Query Builder