CVE-2018-10135
iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel...
CVE-2018-10135
iScripts eSwap v2.4 contains a Reflected Cross-Site Scripting (XSS) vulnerability in the User Panel, exploitable via the catid parameter of catwiseproducts.php. The root cause is the lack of input sanitization/reflection of user-controlled data in server responses, enabling injection of arbitrary...
PHP Scripts Mall Single Theater Booking Cross-Site Request Forgery Vulnerability
PHP Scripts Mall Single Theater Booking is an open source theater script. A cross-site request forgery vulnerability exists in PHP Scripts Mall Single Theater Booking. A remote attacker can use the admin/sitesettings.php file to change sensitive settings on the user panel, or even inject web scri...
CVE-2017-17903
FS Lynda Clone has CSRF via user/editprofile, as demonstrated by adding content to the user panel...
Cross site request forgery (csrf)
FS Lynda Clone has CSRF via user/editprofile, as demonstrated by adding content to the user panel...
CVE-2017-17930
The affected software is PHP Scripts Mall Professional Service Script. It contains a Cross-Site Request Forgery (CSRF) vulnerability exploitable via admin/general_settingupd.php, demonstrated by changing a setting in the user panel. The root cause and specific impact details are described across ...
Bitcoin / Dogecoin Mining 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Bitcoin,Dogecoin Mining 1.0 - Authentication Bypass Dork: N/A Date: 21.08.2017 Vendor Homepage: https://codecanyon.net/user/bousague Software Link: https://codecanyon.net/item/bitcoindogecoin-mining-php-script/20315581 Demo:...
Bitcoin / Dogecoin Mining 1.0 SQL Injection
Exploit Title: Bitcoin,Dogecoin Mining 1.0 - Authentication Bypass Dork: N/A Date: 21.08.2017 Vendor Homepage: https://codecanyon.net/user/bousague Software Link: https://codecanyon.net/item/bitcoindogecoin-mining-php-script/20315581 Demo: http://test.z-files.site/ Version: 1.0 Category: Webapps...
(Bitcoin Dogecoin) PHP Cloud Mining Script - Authentication Bypass
Bitcoin Dogecoin PHP Cloud Mining Script - Authentication Bypass Exploit Title: Bitcoin,Dogecoin Mining 1.0 - Authentication Bypass Dork: N/A Date: 21.08.2017 Vendor Homepage: https://codecanyon.net/user/bousague Software Link: https://codecanyon.net/item/bitcoindogecoin-mining-php-script/2031558...
Online Quiz Project 1.0 SQL Injection
Exploit Title: Online Quiz Project 1.0 - Multiple Vulnerabilities Dork: N/A Date: 17.08.2017 Vendor Homepage : http://surajkumar.in/ Software Link: http://surajkumar.in/product/online-quiz-project-php/ Demo: http://surajkumar.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
Online Quiz Project 1.0 - SQL Injection
Online Quiz Project 1.0 - SQL Injection Exploit Title: Online Quiz Project 1.0 - Multiple Vulnerabilities Dork: N/A Date: 17.08.2017 Vendor Homepage : http://surajkumar.in/ Software Link: http://surajkumar.in/product/online-quiz-project-php/ Demo: http://surajkumar.in/ Version: 1.0 Category:...
Online Quiz Project 1.0 - SQL Injection
Exploit Title: Online Quiz Project 1.0 - Multiple Vulnerabilities Dork: N/A Date: 17.08.2017 Vendor Homepage : http://surajkumar.in/ Software Link: http://surajkumar.in/product/online-quiz-project-php/ Demo: http://surajkumar.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)
Admin input typ...
X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
PhpOnlineChat 3.0 - XSS
No description provided by source. Exploit Title: phponlinechat xss Date: 5/9/2014 Exploit Author: N0 Feel Vendor Homepage: http://phponlinechat.com/phpchat Software Link: http://phponlinechat.com/chat-free-download.php Version: 3.0 Tested on: win7 php online chat suffer from xss in user panel -...
PhpOnlineChat 3.0 - XSS Vulnerability
Exploit for php platform in category web applications Exploit Title: phponlinechat xss Date: 5/9/2014 Exploit Author: N0 Feel Vendor Homepage: http://phponlinechat.com/phpchat Software Link: http://phponlinechat.com/chat-free-download.php Version: 3.0 Tested on: win7 php online chat suffer from x...
PhpOnlineChat 3.0 - Cross-Site Scripting
PhpOnlineChat 3.0 - Cross-Site Scripting Exploit Title: phponlinechat xss Date: 5/9/2014 Exploit Author: N0 Feel Vendor Homepage: http://phponlinechat.com/phpchat Software Link: http://phponlinechat.com/chat-free-download.php Version: 3.0 Tested on: win7 php online chat suffer from xss in user...
PhpOnlineChat 3.0 Cross Site Scripting
Exploit Title: phponlinechat xss Date: 5/9/2014 Exploit Author: N0 Feel Vendor Homepage: http://phponlinechat.com/phpchat Software Link: http://phponlinechat.com/chat-free-download.php Version: 3.0 Tested on: win7 php online chat suffer from xss in user panel - register as user - go to :...
PhpOnlineChat 3.0 - Cross-Site Scripting
Exploit Title: phponlinechat xss Date: 5/9/2014 Exploit Author: N0 Feel Vendor Homepage: http://phponlinechat.com/phpchat Software Link: http://phponlinechat.com/chat-free-download.php Version: 3.0 Tested on: win7 php online chat suffer from xss in user panel - register as user - go to :...
Ez Poll Hoster - Multiple XSS and CSRF Vulnerabilities
No description provided by source. Title: Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...