102 matches found
CVE-2023-27614
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Ian Haycox Motor Racing League plugin <= 1.9.9 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-Buddy Google Analytics Opt-Out plugin <= 2.3.4 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 1.5.48 versions...
Cross site scripting
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Lester 'GaMerZ' Chan WP-CommentNavi plugin <= 1.12.1 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress...
Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection
The plugin does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue GET...
CVE-2020-4719
The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861...
Shopify: H1514 Simple phishing using auto-created modal with weak URL-pattern check in incontext_app_link
Hi, This is unrelated to the Twine-template issue reported earlier as this would still be an issue if the template escape would be fixed. Background: The incontext_app_link is checked server-side if it's a correct shopifycloud.com-URL. The problem however is that userdata inside the URL is allowed. ...
Escalation Of Privileges
hadoop-hdfs is vulnerable to escalation of privileges. It does not check for admin authorization for the refreshNamenodes, deleteBlockPool and shutdownDatanode commands. This allows remotely authenticated attackers to perform these commands or cause denial of service attacks...
Paddelberg Topsite Script Authentication Bypass Vulnerability
No description provided by source. Exploit Title: Paddelberg's topsite-script admin auth bypass. Google Dork: intext:powered by php scripte webmaster resource Date: 8. 1. 2012 Author: Christian Inci Software Link: http://www.paddelberg.de/gratis-toplisten-script/gratis-download/ Version: = 1.23 2...
Shop-Script FREE <= 2.0 - Remote Command Execution Exploit
No description provided by source. ?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo --------------------------------------------------------\n; echo Shop-Script...
Paddelberg Topsite Script - Authentication Bypass
Exploit Title: Paddelberg's topsite-script admin auth bypass. Google Dork: intext:"powered by php scripte webmaster resource" Date: 8. 1. 2012 Author: Christian Inci Software Link: http://www.paddelberg.de/gratis-toplisten-script/gratis-download/ Version: = 1.23 22. 9. 2007 Tested on: 1.23 Vendor...
Symphony <= 1.7.01 (non-patched) Remote Code Execution Exploit
No description provided by source. ?php Symphony = 1.7.01 non-patched Remote Command Execution Exploit by Raz0r http://Raz0r.name Software site: http://21degrees.com.au/ works regardless magicquotesgpc echo "-----------------------------------------------------------------\n"; echo "Symphony =...
symphony-exec.txt
db-fetchRow0, $sql; ... ... ifisset$COOKIESYMCOOKIE $args = unserialize$COOKIESYMCOOKIE; $result = $this-login$args'username', $args'password', true, false; ------------------/source code--------------------- password value from cookie is n...
Symphony <= 1.7.01 (non-patched) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ============================================================== Symphony db-fetchRow0, $sql; ... ... ifisset$COOKIESYMCOOKIE $args = unserialize$COOKIESYMCOOKIE; $result = $this-login$args...
Symphony 1.7.01 (non-patched) - Remote Code Execution
db-fetchRow0, $sql; ... ... ifisset$COOKIESYMCOOKIE $args = unserialize$COOKIESYMCOOKIE; $result = $this-login$args'username', $args'password', true, false; ------------------/source code--------------------- password value from cookie is not properly sanitized so the code above...
EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Vulnerabilities
No description provided by source. ---- EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected] ...
ekinboard-upload.txt
---- EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected] ...
Shop-Script FREE <= 2.0 Remote Command Execution Exploit
No description provided by source. ?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo "--------------------------------------------------------\n"; echo "Shop-Scrip...
shopscript-exec.txt
?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo "--------------------------------------------------------\n"; echo "Shop-Script FREE = 2.0 Remote Command Executi...