55 matches found
CVE-2018-20434
LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $POST'community' parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajaxoutput.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers...
CVE-2018-1000527
Froxlor version = 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Passing malicious PHP objection in $POST'sslipandport'. This vulnerability appears to...
Information disclosure
Froxlor version = 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Passing malicious PHP objection in $POST'sslipandport'. This vulnerability appears to...
CVE-2018-1000527
Froxlor version = 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Passing malicious PHP objection in $POST'sslipandport'. This vulnerability appears to...
Cross site scripting
Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before 17.10.2 have a Cross Site Scripting XSS vulnerability when a user enters invalid UTF-8 characters. These are now going to be discarded in Mahara along with NULL characters and invalid Unicode characters. Mahara will also avoid...
CVE-2017-17454
Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before 17.10.2 have a Cross Site Scripting XSS vulnerability when a user enters invalid UTF-8 characters. These are now going to be discarded in Mahara along with NULL characters and invalid Unicode characters. Mahara will also avoid...
Sql injection
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords function in smartgooglecode.php did not use prepared statements and did not sanitize...
JTRT Responsive Tables <= 4.1 – Authenticated SQL Injection
Type user access: single user. $POST‘tableId’ is not escaped. File / Code: Path: /wp-content/plugins/jtrt-responsive-tables/admin/class-jtrt-responsive-tables-admin.php Line : 183 $getTableId = $POST'tableId'; ... $retrievedata = $wpdb-getresults "SELECT FROM $jtrttablesname WHERE jttableIDD = "...
CVE-2017-11445
Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $POST array...
CVE-2017-11415
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/sysarticle.php via $POST'parentid', $POST'desc', $POST'keys', and $POST'level'...
CVE-2017-11415
Fiyo CMS 2.0.7 has SQL injection in dapur/apps/apparticle/sysarticle.php via $POST'parentid', $POST'desc', $POST'keys', and $POST'level'...
CVE-2017-11419
Fiyo CMS 2.0.7 has SQL injection in /apps/apparticle/controller/editor.php via $POST'id' and $POST'arttitle'...
PHP study notes and security vulnerabilities-vulnerability warning-the black bar safety net
System variables $POST // get the post data is a dictionary $GET // get get data, is a dictionary The error control operator PHP supports one error control operator:@the. When it is placed in a PHP expression, the expression may produce any error information is ignored. Variable default value Whe...
Mastery oa 2015 \inc\common.inc.php approve_finish function injection vulnerability
Recently made public measured when encountered on a system, The 2015 version of the latest update date: 2016-07-22 Injection the analysis \inc\common.inc.php ? php function SecureRequest&$var if isarray$var foreach $var as $k = $v $var$k = securerequest$v; else if 0 strlen$var &&...
Product Catalog 8 1.2 - Unauthenticated SQL Injection
$POST ‘selectedCategory’ is not escaped. UpdateCategoryList is accessible for any user. PoC...
HackerOne: Possible CSRF during external programs
Hello, at first i want to say that my report is the same of this report 148517 i see you accept it as a valid one so i reported this HackerOne allow users to Made external programs pages for programs the request i test will be The original Request POST /externalprograms HTTP/1.1 Host: hackerone.c...
Invision Power Board <= 2.3.5 - Remote SQL Injection Exploit
No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // IPB = 2.3.5 sql injection exploit // Version 1.0 // written by Janek Vind waraxe // Estoni...
IPB 3.0.1 - SQL Injection exploit
No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // IPB 3.0.1 sql injection exploit // Version 1.0 // written by Cryptovirus //...
Easytalk sql注入一枚
简要描述: 过滤不严。 详细说明: 在voteaction.class.php中 public function sendvote $vid=intval$POST'vid'; $votedata=$POST'votedata'; $isret=intval$POST'isret'; $isnone=intval$POST'isnone'; if $vid if isarray$votedata $vmodel=D'Votes'; $vopt=D'Voteoptions'; $vuser=D'Voteusers'; $myvote=$vuser-where"voteid='$vid' A...