xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

Exploit for php platform in category web applications xt:Commerce VEYTON 4.0.15 productsnamede Script Insertion Vulnerability form name="XSS" method="POST"...

xt:Commerce VEYTON 4.0.15 - 'products_name_de' Script Insertion

xt:Commerce VEYTON 4.0.15 productsnamede Script Insertion Vulnerability input type="hidden" name="dateavailable" valu...

xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

Summary One shop system, many shop solutions. The shop software xt:Commerce 4 is the basic framework for online shops and for merchants who install and configure their own shop. Description xt:Commerce suffers from a stored XSS vulnerability when parsing user input to the 'productsnamede' paramet...

Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities

Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities Zoho BugTracker Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; inpu...

Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities

Zoho BugTracker Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; input type="hidden" name="action...

Zoho BugTracker Multiple Stored XSS Vulnerabilities

Summary Zoho Bug Tracker is an online bug tracking software that combines a clean and an intuitive interface to submit and track bugs with custom workflows, business rules, custom fields and filters for the bugs that software projects are bound to generate and fix all bugs fast. Description The B...

WordPress Theme DiaryNotebook Site5 - Email Spoofing

WordPress Theme DiaryNotebook Site5 - Email Spoofing !/usr/bin/perl Exploit Title: Diary/Notebook Site5 Wordpress Theme - Email Spoofing Date: 15.07.2012 Exploit Author: @bwallHatesTwits Discovered by: @xxDigiPxx...

Wordpress Plugins - Post Recommendations Remote File Inclusion Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

phpList 2.10.18 Cross Site Scripting

HTTPCS Advisory : HTTPCS25 Product : phpList Version : 2.10.18 Date : 2012-07-09 Criticality level : Less Critical Description : A vulnerability has been discovered in phpList, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'footer'...

PyroCMS 2.1.1 CRLF Injection / Stored Cross Site Scripting

Exploit for php platform in category web applications PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC...

b2ePMS 1.0 multiple SQLi Vulnerabilities

Exploit for php platform in category web applications Title: b2ePMS 1.0 multiple SQLi Vulnerabilities Version: 1.0 Author/Found by: loneferret Manifacturer/Software link: https://developer.berlios.de/projects/b2epms/ Other vulnerability: http://www.exploit-db.com/exploits/18882/ Date found: May...

Artiphp CMS v5.5.0 Multiple XSS POST Injection Vulnerabilities

Exploit for php platform in category web applications Artiphp CMS v5.5.0 Multiple XSS POST Injection Vulnerabilities Vendor: Artiphp Product web page: http://www.artiphp.com Affected version: 5.5.0 Neo r422 Summary: Artiphp is a content management system CMS open and free to create and manage you...

Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities

Exploit for php platform in category web applications Wordpress Zingiri Web Shop Plugin '; Exploit: http://localhost/wordpress/?page=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E 'page' variable isn't properly sanitized before being used. STORED XSS PS: Attacker should be logged for...

WordPress Zingiri Web Shop 2.4.0 Cross Site Scripting

Wordpress Zingiri Web Shop Plugin '; Exploit: http://localhost/wordpress/?page=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E 'page' variable isn't properly sanitized before being used. STORED XSS PS: Attacker should be logged for exploit. ./fws/pages-front/onecheckout.php line 27-29 i...

ChurchCMS 0.0.1 SQL Injection

Exploit Title: ChurchCMS 0.0.1 'admin.php' Multiple SQLi Date: 04/21/12 Author: G13 Twitter: @g13net Software Link: http://sourceforge.net/projects/churchcms/?source=directory Version: 0.0.1 Category: webapps php Description ChurchCMS is the software to place on your church's website that is easi...

ChurchCMS 0.0.1 SQL Injection

Exploit for php platform in category web applications Exploit Title: ChurchCMS 0.0.1 'admin.php' Multiple SQLi Author: G13 Twitter: @g13net Software Link: http://sourceforge.net/projects/churchcms/?source=directory Version: 0.0.1 Category: webapps php Description ChurchCMS is the software to plac...

BGS CMS 2.2.1 Cross Site Scripting

Exploit for php platform in category web applications !-- BGS CMS v2.2.1 Multiple Stored Cross-Site Scripting Vulnerabilities Vendor: BGSvetionik Product web page: http://www.bgs-cms.com Affected version: 2.2.1 Summary: BGS CMS is powerful Content Management System used to easily publish, manage...

CMS Made Simple <= 1.10.3 XSS Vulnerability

Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : CMS Made Simple = 1.10.3 XSS Vulnerability Date : 02-04-2012 Author : Ivano Binetti...

SyndeoCMS <= 3.0.01 Persistent XSS Vulnerability

Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : SyndeoCMS = 3.0.01 Persistent XSS Date : 29-03-2012 Author : Ivano Binetti...

SyndeoCMS 3.0.01 Cross Site Scripting

+---------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : SyndeoCMS = 3.0.01 Persistent XSS Date : 29-03-2012 Author : Ivano Binetti http://ivanobinetti.com Vendor site : http://www.syndeocms.org/ Software...