643 matches found
Maian Weblog Cross-Site Request Forgery Vulnerability
Maian Weblog is a free and open source PHP blogging system developed by British software developer David Ian Bennett. The system includes modules for commenting, searching, uploading images and videos. A cross-site scripting vulnerability exists in the index.php script of Maian Weblog 4.0 and...
Code injection
Fortinet FortiWan formerly AscernLink before 4.2.5 allows remote authenticated users to obtain sensitive information from 1 a backup of the device configuration via script/cfgshow.php or 2 PCAP files via script/system/tcpdump.php...
UBUNTU-CVE-2015-5714
Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...
CVE-2015-8152
Cross-site request forgery CSRF vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script...
Web Reference Database Command Execution Vulnerability
Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A vulnerability in the handling of the 'adminPassword' parameter in the Web Reference Databaseinstall.php script allows remote attackers to...
KnowledgeTree 'login.php' Cross-Site Scripting Vulnerability
KnowledgeTree is a Web-based open source document management system . A cross-site scripting vulnerability exists in KnowledgeTree login.php, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or...
CVE-2015-4330
A local file script in Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556...
Fastspot BigTree 'admin.php' Script HTML Injection Vulnerability
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. An HTML injection vulnerability exists in Fastspot BigTree CMS versions prior to 4.2.3, which stems from the program failing to adequately filter user-submitted input. When...
QuickTalk 1.5 Password Hash Disclosure
| Title : QuickTalk 1.5 Reinstall Script Vulnerability | Author : indoushka | email : [email protected] | Dork : powered by QT-cute | Tested on: windows 8.1 Français V.Pro | Bug : Reinstall Script | Download : http://www.scriptmafia.org ======================================= 1 -...
CVE-2014-8578
Cross-site scripting XSS vulnerability in the Groups panel in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475...
SuSE 6.x/7.0 MkDir Error Handling rctab Race Condition Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition i...
betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload
No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...
Custom Business Card script SQL injection Vulnerability
No description provided by source. Exploit Title: Custom Business Card script SQL injection Vulnerability Date: 23/06/2010 Author: JaMbA Script url: http://www.2daybiz.com/custombusscardscript.html Version: N/A Tested on: Windows CVE : ::::::::::::::::::::::::: :::::::::::::::::::::::::...
Escort und Begleitservice Agentur Script SQL Injection Vunerability
No description provided by source...
Brian Stanback bsguest.cgi 1.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2159/info An input validation vulnerability exists in Brian Stanback's bsguest.cgi, a script designed to coordinate guestbook submissions from website visitors. The script fails to properly filter ';' characters from the...
Job Site 1.0 - Multiple Vulnerabilities
Jobsite logo - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://sourceforge.net/projects/jobfinder/...
CVE-2013-5587
Cross-site scripting XSS vulnerability in Request Tracker RT 4.x before 4.0.13, when MakeClicky is configured, allows remote attackers to inject arbitrary web script or HTML via a URL in a ticket. NOTE: this issue has been SPLIT from CVE-2013-3371 due to different affected versions...
Haraj Script Stored XSS and File Upload Vulnerability
You Can Upload file And make come Xss code ! at Once ,, in famous arabic scripth php Haraj script . ============================= 1: first enter to site of our target , and signup in the target site . 2: go to HTTP://TARGET.COM/home/add/ or HTTP://TARGET.COM/homeadd.html or or...
Kloxo 6.1.6 - Local Privilege Escalation
Exploit for linux platform in category local exploits LXLABS=cat /etc/passwd | grep lxlabs | cut -d: -f3 export MUID=$LXLABS export GID=$LXLABS export TARGET=/bin/sh export CHECKGID=0 export NONRESIDENT=1 echo "unset HISTFILE HISTSAVE PROMPTCOMMAND TMOUT" /tmp/w00trc echo "/usr/sbin/lxrestart...