
87 matches found

Veracode
added 2018/05/18 3:52 a.m., 8 views

Malicious Test Script

nothing-js is vulnerable to malicious test script. The package contains a malicious test script that attempts to delete all files on the system when the npm test command is run...

AI score: 6.7
Exploits: 0

Packet Storm
added 2018/02/07 12:0 a.m., 23 views

Online Test Script 2.0.7 SQL Injection

Exploit Title: Online Test Script 2.0.7 - 'cid' SQL Injection Dork: N/A Date: 2018-02-07 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/online-test-script/ Version: 2.0.7 Category: Webapps CVE: N/A Description: The...

AI score: 7.1
Exploits: 0

exploitpack
added 2018/02/07 12:0 a.m., 5 views

Online Test Script 2.0.7 - cid SQL Injection

Online Test Script 2.0.7 - cid SQL Injection Exploit Title: Online Test Script 2.0.7 - 'cid' SQL Injection Dork: N/A Date: 2018-02-07 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/online-test-script/ Version: 2.0.7...

AI score: 8.6
Exploits: 0

Exploit DB
added 2018/02/07 12:0 a.m., 23 views

Online Test Script 2.0.7 - 'cid' SQL Injection

Exploit Title: Online Test Script 2.0.7 - 'cid' SQL Injection Dork: N/A Date: 2018-02-07 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/online-test-script/ Version: 2.0.7 Category: Webapps CVE: N/A Description: The...

AI score: 7.4
Exploits: 0

Positive Technologies
added 2017/12/29 12:0 a.m., 2 views

PT-2017-15133 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 6.0.4 Description: The issue concerns the test sql and script inject function in htdocs/main.inc.php, which fails to block certain event attributes, specifically onclick and onscroll, allowing for cross-site scripting...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00199
Exploits: 1, References: 9

GitLab Advisory Database
added 2017/05/12 12:0 a.m., 26 views

XSS vulnerability in old test script

Cross-site scripting vulnerability in ADOdb allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS: 6.1, AI score: 4.1, EPSS: 0.00361
Exploits: 0, References: 4, Affected Software: 1

exploitpack
added 2017/01/30 12:0 a.m., 17 views

HelpDeskZ 1.0.2 - (Authenticated) SQL Injection Unauthorized File Download

HelpDeskZ 1.0.2 - Authenticated SQL Injection Unauthorized File Download ''' Exploit Title: HelpDeskZ fetchRow"SELECT , COUNTid AS total FROM ".TABLEPREFIX."attachments WHERE id=".$db-realescapestring$params2." AND ticketid=".$params0." AND msgid=".$params3; third argument AND msgid=".$params3;...

AI score: 0.4
Exploits: 0

Hacker One
added 2016/11/07 1:47 a.m., 25 views

Internet Bug Bounty: Memory corruption in _php_math_number_format_ex()

The fix of this bug has been committed: https://bugs.php.net/bug.php?id=73336 Description: -------------- I have found some vulnerable code at _php_math_number_format_ex function. _php_math_number_format_ex function is an internal function which is called from number_format function. number_format function...

AI score: 7.2
Exploits: 0

Mageia
added 2016/11/03 10:53 p.m., 29 views

Updated php-adodb packages fix security vulnerabilities

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. CVE-2016-7405 Cross Site Scripting vulnerability in test script CVE-2016-4855...

CVSS: 9.8, AI score: 4.3, EPSS: 0.03101
Exploits: 0, References: 4

Hacker One
added 2016/09/13 4:9 a.m., 26 views

Internet Bug Bounty: Out of bound when verify signature of tar phar in phar_parse_tarfile

https://bugs.php.net/bug.php?id=73035 There was a security code in pharparsetarfile if FAILURE == pharverifysignaturefp, phpstreamtellfp - size - 512, myphar-sigflags, buf + 8, size - 8, fname, &myphar-signature, &myphar-siglen, error if error char save = error; spprintferror, 4096, "phar error:...

AI score: 7
Exploits: 0

Japan Vulnerability Notes
added 2016/09/06 4:45 a.m., 1 views

ADOdb vulnerable to cross-site scripting

Overview ADOdb is a database abstraction layer for PHP. The library's test script test.php contains a cross-site scripting CWE-79 vulnerability. ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

CVSS: 6.1, AI score: 6, EPSS: 0.00361
Exploits: 0, References: 8

Exploit DB
added 2015/12/23 12:0 a.m., 34 views

PHP 7.0.0 - Format String

Overview -------------------------------------------- A fun little format string vulnerability exists in PHP 7.0.0 due to how non-existent class names are handled. From my limited research I believe this issue is likely exploitable for full code execution see test script below. This issue does no...

AI score: 7.4
Exploits: 0

OSV
added 2014/01/28 12:55 a.m., 3 views

DEBIAN-CVE-2014-1640

axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename...

CVSS: 3.3, AI score: 6.7, EPSS: 0.00047
Exploits: 0, References: 1

OSV
added 2014/01/28 12:55 a.m., 5 views

CVE-2014-1640

axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename...

AI score: 6.6
Exploits: 0, References: 5

exploitpack
added 2012/02/03 12:0 a.m., 10 views

PHP 5.4SVN-2012-02-03 - htmlspecialchars/entities Buffer Overflow

PHP 5.4SVN-2012-02-03 - htmlspecialchars/entities Buffer Overflow From: cataphract Operating system: Any PHP version: 5.4SVN-2012-02-03 SVN Package: Reproducible crash Bug Type: Bug Bug description:Buffer overflow on htmlspecialchars/entities with $double=false Description: ------------ Long...

AI score: 0.6
Exploits: 0

Tenable Nessus
added 2009/12/10 12:0 a.m., 44 views

Zen Cart extras/curltest.php Information Disclosure

The installed version of Zen Cart includes a test script, 'extras/curltest.php', intended for testing that the curl PHP library is installed and working properly. It fails, though, to restrict access and can be abused to access arbitrary URLs, including local files via the 'file' protocol handler...

CVSS: 5, AI score: 5.8, EPSS: 0.00819
Exploits: 1, References: 3

UbuntuCve
added 2008/11/18 4:0 p.m., 22 views

CVE-2008-5147

test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file...

CVSS: 6.9, AI score: 5.9, EPSS: 0.00025
Exploits: 1, References: 1

securityvulns
added 2006/04/11 12:0 a.m., 31 views

[SA19563] MAXdev MD-Pro ADOdb "server.php" Insecure Test Script Security Issue

TITLE: MAXdev MD-Pro ADOdb "server.php" Insecure Test Script Security Issue SECUNIA ADVISORY ID: SA19563 VERIFY ADVISORY: http://secunia.com/advisories/19563/ CRITICAL: Moderately critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: MAXdev MD-Pro 1.x...

AI score: 0.6
Exploits: 0

Tenable Nessus
added 2006/01/10 12:0 a.m., 307 views

ADOdb server.php sql Parameter SQL Injection

The remote host is running ADOdb, a database abstraction library for PHP. The installed version of ADOdb includes a test script named 'server.php' that fails to sanitize user input to the 'sql' parameter before using it in database queries. An attacker can exploit this issue to launch SQL injecti...

CVSS: 7.5, AI score: 5.8, EPSS: 0.09474
Exploits: 1, References: 2

CVE
added 2006/01/09 11:0 p.m., 137 views

CVE-2006-0146

CVE-2006-0146 affects ADOdb for PHP (before 4.70) used by Moodle, Cacti, Mantis, PostNuke, Xaraya, PHPOpenChat, MAXdev MD-Pro, MediaBeez, etc. The vulnerability arises from the MySQL root password being empty, enabling remote SQL execution via the sql parameter. Connected OpenVAS advisories corro...

CVSS: 7.5, AI score: 8, EPSS: 0.09474
Exploits: 1, References: 40, Affected Software: 6