419 matches found
Ebay Xcom Item Preview Cross Site Scripting
Document Title: =============== Ebay Inc Xcom 4 - Item Preview Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1215 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 12...
Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability
Exploit for iOS platform in category web applications Document Title: =============== Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability Product & Service Introduction: =============================== Do you have troubles for managing thousands of photos and videos? Do you have any privat...
Mobile Drive HD 1.8 Local File Inclusion Vulnerability
Mobile Drive HD version 1.8 suffers from a local file inclusion vulnerability. Document Title: =============== Mobile Drive HD v1.8 - File Include Web Vulnerability Product & Service Introduction: =============================== Mobile Drive is the ideal app for anyone who transfer documents...
Wifi Drive Pro 1.2 Local File Inclusion Vulnerability
Wifi Drive Pro version 1.2 suffers from a local file inclusion vulnerability. Document Title: =============== Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability Product & Service Introduction: =============================== This app lets you use your iphone, iPad or iPod Touch as a wireles...
Linkus Photo Manager Pro 4.4.0 Local File Inclusion Vulnerability
Linkus Photo Manager Pro version 4.4.0 suffers from a local file inclusion vulnerability. Document Title: =============== Photo Manager Pro v4.4.0 iOS - File Include Vulnerability Product & Service Introduction: =============================== Do you have troubles for managing thousands of photos...
Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability
Document Title: =============== Ebay Inc Xcom 6 - Persistent POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1227 Release Date: ============= 2015-03-24 Vulnerability Laboratory ID VL-ID: ==================================== 122...
Photo Manager Pro v4.4.0 iOS - File Include Vulnerability
Document Title: =============== Photo Manager Pro v4.4.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1445 Release Date: ============= 2015-03-12 Vulnerability Laboratory ID VL-ID: ====================================...
Photo Manager Pro 4.4.0 iOS - Code Injection Vulnerability
Document Title: =============== Photo Manager Pro 4.4.0 iOS - Code Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1444 Release Date: ============= 2015-03-10 Vulnerability Laboratory ID VL-ID: ====================================...
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability
Document Title: =============== BlinkSale Bug Bounty 1 - Encode & Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1416 Release Date: ============= 2015-02-06 Vulnerability Laboratory ID VL-ID: ====================================...
CatBot 0.4.2 SQL Injection Vulnerability
CatBot version 0.4.2 suffers from a remote SQL injection vulnerability. Document Title: =============== CatBot v0.4.2 PHP - SQL Injection Vulnerability Product & Service Introduction: =============================== CatBot is a simple, HTML/PHP/MySQL based chatterbot thats easy to set up and use...
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability
Document Title: =============== CatBot v0.4.2 PHP - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1408 Release Date: ============= 2015-01-15 Vulnerability Laboratory ID VL-ID: ==================================== 1408 Commo...
hdwiki 一处sql注入
简要描述: 费了些力气,不过还是不错的。 注入,不过不是get方式,规则绕不过去,求大牛们秒了它,post方式注入,不过这个漏洞感觉很有意思。 最后再说,别不给确认,不给rank 详细说明: 先来看看Hdwiki处理提交数据的方式,get就算了,各种绕不过。 在/hdwiki/model/hdwiki.class.php中 大约 52行 $this-post = string::haddslashes$POST; //跟入 haddslashes函数如下,可以看到POST过来的数据处理addslashes单引号,双引号,反斜杠,NULL下 function...
Iwebmall 最新版SQL注入第五枚
简要描述: Iwebmall 最新版SQL注入第五枚 详细说明: 看到wooyun上有人提了几个iweb的漏洞( WooYun: iwebmall商城程序sql注入 , WooYun: Iwebsns sql 第五枚。 ),我来捡捡漏儿吧,希望不要重复。 先把注入点拿出来:www.xxx.com/do.php?act=shopguestbookdel ,POST的内容中有个参数favoriteshop,存在注入。 action/shop/guestbookdel.action.php 无关代码 //数据库操作 dbtarget'w',$dbServs; $dbo=new dbex;...
iUSB v1.2 iOS - Arbitrary Code Execution Vulnerability
Document Title: =============== iUSB v1.2 iOS - Arbitrary Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1374 Release Date: ============= 2014-12-10 Vulnerability Laboratory ID VL-ID: ==================================== 137...
Iwebmall最新版SQL注入第一枚
简要描述: Iwebmall最新版SQL注入第一枚 详细说明: 看到wooyun上有人提了几个iweb的漏洞( WooYun: iwebmall商城程序sql注入 ),我来捡捡漏儿吧,希望不要重复。官网下载最新v1.2来看看。 先把注入点拿出来:www.xxx.com/do.php?act=userfavoritedel,POST的内容中有个参数favorite,存在注入。 /action/user/favoritedel.action.php 无关代码 // 处理post变量 ifempty$POST $favoriteid = intvalgetargs'id'; else...
Elefant CMS v1.3.9 - Persistent Name Update Vulnerability
Document Title: =============== Elefant CMS v1.3.9 - Persistent Name Update Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1365 Release Date: ============= 2014-12-03 Vulnerability Laboratory ID VL-ID: ====================================...
Supr Shopsystem 5.1.0 - Persistent UI Vulnerability
Exploit for php platform in category web applications Product & Service Introduction: =============================== SUPR is a modern and user-friendly system which allows each store very quickly and easily create their own online store. Without installation and own webspace you can begin to...
Dell SonicWALL Gms 7.2.x - Code Injection
Document Title: =============== Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1222 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID: ====================================...
GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability
No description provided by source. Document Title: =============== GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1325 Release Date: ============= 2014-09-22 Vulnerability Laboratory ID VL-ID:...
Briefcase 4.0 iOS - Code Exec & File Include Vulnerability
Document Title: =============== Briefcase 4.0 iOS - Code Exec & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID: ====================================...