29 matches found
EUVD-2017-9020
Malware in sbrugna...
EUVD-2017-9080
Malware in sbrugna...
EUVD-2017-9079
Malware in sbrugna...
CVE-2017-17936
Vanguard Marketplace Digital Products PHP has CSRF via /search...
Vanguard Marketplace Digital Products PHP Cross Site Scripting Vulnerability
Vanguard Marketplace Digital Products PHP is a set of PHP-based scripts for online trading sites for MP3 and other digital files. A cross-site scripting vulnerability exists in Vanguard Marketplace Digital Products PHP. A remote attacker can exploit this vulnerability by sending the 'phpsquery'...
Vanguard Marketplace Digital Products PHP Cross-Site Request Forgery Vulnerability
Vanguard Marketplace Digital Products PHP is a set of PHP-based scripts for online trading sites for MP3 and other digital files. A cross-site request forgery vulnerability exists in Vanguard Marketplace Digital Products PHP. A remote attacker can use /search to inject web script or HTML or perfo...
Vanguard Marketplace Digital Products PHP Arbitrary File Upload Vulnerability
Vanguard Marketplace Digital Products PHP is a set of PHP-based scripts for online trading sites for MP3 and other digital files. A security vulnerability exists in Vanguard Marketplace Digital Products PHP version 1.4. The vulnerability can be exploited to upload arbitrary files via the Add New...
Vanguard Marketplace Digital Products PHP SQL Injection Vulnerability
Vanguard Marketplace Digital Products PHP is a set of PHP-based scripts for online trading sites for MP3 and other digital files. A SQL injection vulnerability exists in Vanguard Marketplace Digital Products PHP version 1.4. A remote attacker can inject SQL commands by sending PATHINFO to the /p...
CVE-2017-17937
Vanguard Marketplace Digital Products PHP has XSS via the phpsquery parameter to /search...
CVE-2017-17936
Vanguard Marketplace Digital Products PHP has CSRF via /search...
CVE-2017-17937
Vanguard Marketplace Digital Products PHP has XSS via the phpsquery parameter to /search...
Design/Logic Flaw
Vanguard Marketplace Digital Products PHP has XSS via the phpsquery parameter to /search...
Cross site request forgery (csrf)
Vanguard Marketplace Digital Products PHP has CSRF via /search...
CVE-2017-17936
Vanguard Marketplace Digital Products PHP has CSRF via /search...
CVE-2017-17936
Vanguard Marketplace Digital Products PHP has CSRF via /search...
CVE-2017-17937
Vanguard Marketplace Digital Products PHP is affected by a cross-site scripting (XSS) vulnerability in the phps_query parameter of the /search endpoint. The issue is consistently reported across multiple feeds (CVE-2017-17937 references) and appears in Red Hat, CNVD, NVD, and CVE records as a PHP...
CVE-2017-17937
Vanguard Marketplace Digital Products PHP has XSS via the phpsquery parameter to /search...
CVE-2017-17873
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATHINFO to the /p URI...
CVE-2017-17873
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATHINFO to the /p URI...
CVE-2017-17874
Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI...