39 matches found
CVE-2019-9839
VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...
Cross site scripting
VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...
CVE-2019-9839
VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...
CVE-2019-9838
VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...
Cross site scripting
VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...
CVE-2019-9838
Summary: CVE-2019-9838 affects VFront 0.99.5 with a stored XSS vulnerability. The issue occurs in the parameter azzera of admin/sync_reg_tab.php and is mishandled during rendering in admin/error_log.php. Affected software: VFront 0.99.5 (PHP/JavaScript front-end tooling for MySQL/PostgreSQL). Roo...
CVE-2019-9838
VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...
CVE-2019-9839
VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...
CVE-2019-9839
VFront 0.99.5 is affected by a Reflected Cross‑Site Scripting (XSS) vulnerability. The issue is triggered via the admin/menu_registri.php descrizione_g parameter or the admin/sync_reg_tab.php azzera parameter. Public references describe it as a reflected XSS with proof patterns such as [removed]a...
VFront 0.99.5 Reflective Cross Site Scripting
Multiple Reflected Cross-site Scripting Vulnerabilities in VFront 0.99.5 Information -------------------- Advisory by Netsparker Name: Multiple Reflected Cross-site Scripting in VFront 0.99.5 Affected Software: VFront Affected Versions: 0.99.5 Homepage: http://www.vfront.org/ Vulnerability:...
VFront Cross-Site Scripting Vulnerability
VFront is a set of PHP and Javascript written for MySQL or PostgreSQL database open source front-end management tools . A cross-site scripting vulnerability exists in Vfront version 0.99.5. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...
VFront 0.99.5 Persistent Cross Site Scripting
Stored Cross-site Scripting Vulnerability in VFront 0.99.5 Information -------------------- Advisory by Netsparker Name: Stored Cross-site Scripting Vulnerability in VFront Affected Software: VFront Affected Versions: 0.99.5 Homepage: http://www.vfront.org/ Vulnerability: Stored Cross-site...
Multiple vulnerabilities in vfront
vfront is a set of open source based on PHP and JavaScript MySQL or PostgreSQL database front-end management tools . There are multiple security vulnerabilities in vfront , allowing attackers to exploit vulnerabilities in cross-site scripting , cross-site request forgery , and HTML injection...
vfront-0.99.2 CSRF & Persistent XSS
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-VFRONT0602.txt Vendor: ============== www.vfront.org Product: =================================================================================== vfront-0.99.2 is a PHP web...
vfront 0.99.2 CSRF & Persistent XSS Vulnerabilities
Exploit for php platform in category web applications Exploit Title: CSRF & Persistent XSS Google Dork: intitle: CSRF & Persistent XSS Date: 2015-06-02 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.vfront.org Software Link: www.vfront.org Version:...
VFront 0.99.2 - Cross-Site Request Forgery Persistent Cross-Site Scripting
VFront 0.99.2 - Cross-Site Request Forgery Persistent Cross-Site Scripting Exploit Title: CSRF & Persistent XSS Google Dork: intitle: CSRF & Persistent XSS Date: 2015-06-02 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.vfront.org Software Link:...
VFront 0.99.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
Exploit Title: CSRF & Persistent XSS Google Dork: intitle: CSRF & Persistent XSS Date: 2015-06-02 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.vfront.org Software Link: www.vfront.org Version: 0.99.2 Tested on: windows 7 Category: webapps Product:...
vfront 0.99.2 Cross Site Request Forgery / Cross Site Scripting
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-VFRONT0602.txt Vendor: ==============www.vfront.org Product: =================================================================================== vfront-0.99.2 is a PHP web...
VFront 0.95m (need login) Persistant XSS Vunerability
Exploit for php platform in category web applications author: lemlajt software : VFront vendor: http://www.vfront.org/ version: 0.95m tested on: linux cve : PoC : Go to: http://192.168.1.123/www/cmsadmins/vfr/vfront-0.95m/admin/menuregistri.php?gid=0&modificagid&feed=modok In "Modify...