134 matches found
ZenTao Pro 8.8.2 - Command Injection Exploit
Exploit for php platform in category web applications Exploit Title: ZenTao Pro 8.8.2 - Command Injection Exploit Author: Daniel Monzón & Melvin Boers Vendor Homepage: https://www.zentao.pm/ Version: 8.8.2 Tested on: Windows 10 / WampServer Other versions like pro or enterprise edition could be...
Online Shopping Portal 3.1 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Shopping Portal 3.1 - Authentication Bypass Exploit Author: Ümit Yalçın Vendor Homepage: https://phpgurukul.com/shopping-portal-free-download/ Version: 3.1 Tested on: Windows 10 / WampServer 1- Authentication Bypass Go to...
Online Shopping Portal 3.1 SQL Injection / Shell Upload
Exploit Title: Online Shopping Portal 3.1 - Authentication Bypass Date: 2020-06-25 Exploit Author: Ümit Yalçın Vendor Homepage: https://phpgurukul.com/shopping-portal-free-download/ Version: 3.1 Tested on: Windows 10 / WampServer 1- Authentication Bypass Go to following url!...
Student Enrollment 1.0 - Unauthenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Student Enrollment 1.0 - Unauthenticated Remote Code Execution Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14281/online-student-enrollment-system-using-phpmysqli.html Versio...
Student Enrollment 1.0 Remote Code Execution
Exploit Title: Student Enrollment 1.0 - Unauthenticated Remote Code Execution Date: 2020-06-22 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14281/online-student-enrollment-system-using-phpmysqli.html Version: 1.0 Tested on: Windows 10 /...
WampServer Cross-Site Request Forgery Vulnerability (CNVD-2019-17113)
WampServer is a Windows-based Web development platform . The platform integrates Apache, MySQL and PHP development environment. A cross-site request forgery vulnerability exists in the addvhost.php file in WampServer versions prior to 3.1.9. The vulnerability stems from the WEB application not...
WampServer >= 3.1.3, <= 3.1.8 CSRF Vulnerability
WampServer is prone to a cross-site request forgery CSRF vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the...
CVE-2019-11517
WampServer before 3.1.9 has CSRF in addvhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner...
CVE-2019-11517
WampServer before 3.1.9 has CSRF in addvhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner...
Cross site request forgery (csrf)
WampServer before 3.1.9 has CSRF in addvhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner...
CVE-2019-11517
WampServer before 3.1.9 has CSRF in addvhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner...
CVE-2019-11517
CVE-2019-11517 is a CSRF in WampServer before 3.1.9 affecting add_vhost.php. The issue arose because the synchronizer pattern, implemented as remediation for CVE-2018-8817, was incomplete, allowing an attacker to add or delete vhosts without the owner’s consent. Public details across connected so...
Wampserver 3.1.8 Cross Site Request Forgery
Affected product: WampServer 3.1.4-3.1.8 Offiical description: "WampServer is a Windows web development environment. It allows you to create web applications with Apache2, PHP and a MySQL database. Alongside, PhpMyAdmin allows you to manage easily your databases." Official website:...
WampServer < 3.1.5 XSS Vulnerability
WampServer is prone to an XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
CVE-2018-1000848
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting XSS vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later...
CVE-2018-1000848
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting XSS vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later...
Cross site scripting
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting XSS vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later...
CVE-2018-1000848
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting XSS vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later...
CVE-2018-1000848
CVE-2018-1000848 refers to a Cross Site Scripting (XSS) vulnerability in WampServer when using versions prior to 3.1.5. The issue affects the local index.php page and can be triggered by a payload via an onmouseover event, enabling potential script execution in a victim’s browser. The vulnerabili...
WampServer 3.0.6 - Cross-Site Request Forgery
Exploit Title: WampServer 3.0.6 - Cross-Site Request Forgery Date: 2018-06-11 Exploit Author: L0RD Software Link: https://ufile.io/gpqh9 Vendor Homepage: http://www.wampserver.com/en/ Version: 3.0.6 - 64bit Tested on: Win 10 Description : An issue was discovered in WampServer 3.0.6 which allows a...