Lucene search
K

169 matches found

CVE
CVE
added 2015/02/06 3:0 p.m.53 views

CVE-2015-1442

CVE-2015-1442 describes a SQL injection in ZeroCMS. Affected: ZeroCMS versions 1.3.3, 1.3.2 and earlier. Vulnerability located in views/zero_transact_user.php (administrative backend) where the user_id parameter in a Modify Account action can be exploited by remote authenticated users to execute ...

7.5CVSS8AI score0.02368EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2015/01/15 3:0 p.m.44 views

CVE-2015-1040

Summary (CVE-2015-1040): Multiple XSS vulnerabilities in the administrative backend of BEdita 3.4.0 allow remote authenticated users to inject arbitrary script/HTML via several fields (lrealname in editProfile; data[title] or data[description] in addQuickItem; note text in saveNote; titleBEObject...

3.5CVSS5.5AI score0.01618EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2015/01/08 3:0 p.m.25 views

CVE-2015-0919

Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the 1 idcat or 2 idclient parameter to backend/main.php...

8.5AI score0.02122EPSS
Exploits1References4
NVD
NVD
added 2015/01/02 7:59 p.m.21 views

CVE-2014-9434

Cross-site scripting XSS vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via the title parameter...

3.5CVSS5.3AI score0.01564EPSS
Exploits1References3
Prion
Prion
added 2015/01/02 7:59 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via the title parameter...

3.5CVSS5.7AI score0.01564EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2014/10/10 12:0 a.m.65 views

方维团购最新版通杀注入(附大量案例)

简要描述: RT $$$$$$$$$$$$$$$$$$$$$$$ 详细说明: 官网没成功。但是基本通杀。 存在问题的地方是这个登录接口:m.php?m=User&a=doLogin post:origURL=ghost&password=ghost&email=ghost(email参数没有过滤) 报错注入 http://www.qianrengou.com/m.php?m=User&a=doLogin post:post:origURL=ghost&password=ghost&email=ghost 默认后台:admin.php...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

dl_stats Multiple Vulnerabilities

No description provided by source. :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: |:: General Information |:: Advisory/Exploit Title = dlstats Multiple Vulnerabilitie |:: Author = Valentin Hoebel |:: Contact = [email protected] |:: |::...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/24 12:0 a.m.16 views

Easytalk V2.5 任意用户登录

简要描述: Easytalk 而在function authcode()中,唯一用来判别不同网站的key,默认是没有的,那就会使用SITEURL,也就是网站地址:例如http://wb.sol.net.cn这个站点,那SITEURL=http://wb.sol.net.cn 我们可以通过指定SITEURL来得到authcookie: 然后登录 img src="...

7.1AI score
Exploits0
myhack58
myhack58
added 2011/12/14 12:0 a.m.31 views

The Rubik's Cube Network Camera System injection vulnerability and exploit-vulnerability warning-the black bar safety net

The Rubik's Cube Network Camera System Injection point:/news. php? action=detail&id=SQLi Using the method, the first step through the injection point to obtain the administrator account and password, the password actually is plaintext The second step, 后台地址为/admin.php,go in the admin backend tryin...

1.9AI score
Exploits0
myhack58
myhack58
added 2011/07/25 12:0 a.m.16 views

Phpaa Cms admin backend to get Shell – 0day-vulnerability warning-the black bar safety net

Edit Site Settings in the site name Content: 1 2 3" ;?& gt;? php eval$POSTc?& gt;; And then the word links: data/website.inc.php eval$POSTc...

0.9AI score
Exploits0
myhack58
myhack58
added 2011/01/28 12:0 a.m.28 views

The wind God news management static version of 1. 7 vulnerability-vulnerability warning-the black bar safety net

Publishing author: LinkEr Affected versions: V1. 7 static version Official website: Vulnerability type: design flaw Vulnerability Description: The Wind God news management static version of 1. 7 the presence of multiple vulnerabilities. 1.1 The background verify file wwwroot/admin/islogin. asp...

0.9AI score
Exploits0
NVD
NVD
added 2010/05/12 4:5 p.m.44 views

CVE-2010-1482

Cross-site scripting XSS vulnerability in admin/editprefs.php in the backend in CMS Made Simple CMSMS before 1.7.1 might allow remote attackers to inject arbitrary web script or HTML via the dateformatstring parameter...

4.3CVSS5.6AI score0.01085EPSS
Exploits3References4
myhack58
myhack58
added 2010/05/12 12:0 a.m.22 views

Quick guestbook v10. 0 9 The official version upload vulnerability and a Cookie spoofing vulnerability-vulnerability warning-the black bar safety net

Upload vulnerability: Loophole Page:/up/add. asp Use method: directly in the guestbook behind a vulnerability page address: for example: http://localhost/up/add.asp, The local structure of x. asp;. jpg picture Trojan, using iis6. 0 parsing vulnerability. Directly upload. Get the webshell, As for...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2010/04/19 12:0 a.m.58 views

DL_Stats Cross Site Scripting / Admin Bypass / SQL Injection

Exploit Title: dlstats Multiple Vulnerabilities Date: 18.04.2010 Author: Valentin Category: webapps/0day Version: Tested on: CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: |:: General Information |:: Advisory/Exploit Title = dlstats Multiple...

0.3AI score
Exploits0
0day.today
0day.today
added 2010/04/18 12:0 a.m.16 views

dl_stats Multiple Vulnerabilities

Exploit for php platform in category web applications ================================= dlstats Multiple Vulnerabilities ================================= :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: |:: General Information |:: Advisory/Exploit Title = dlstats...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/04/18 12:0 a.m.15 views

dl_stats - Multiple Vulnerabilities

dlstats - Multiple Vulnerabilities :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: |:: General Information |:: Advisory/Exploit Title = dlstats Multiple Vulnerabilitie |:: Author = Valentin Hoebel |:: Contact = [email protected] |:: |::...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/18 12:0 a.m.29 views

dl_stats - Multiple Vulnerabilities

:::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: |:: General Information |:: Advisory/Exploit Title = dlstats Multiple Vulnerabilitie |:: Author = Valentin Hoebel |:: Contact = [email protected] |:: |:: :::::::::::::::::::::::::::::::::::::: 0x2...

7.4AI score
Exploits0
myhack58
myhack58
added 2009/12/01 12:0 a.m.12 views

Oriental legend o thinking self-help built Station software vulnerabilities-vulnerability warning-the black bar safety net

Oriental legend o thinking self-help built Station software vulnerabilities Simple is the way./ in. Mainly use for windows 2 0 0 3 iis6 parsing vulnerability Upload format . asp:. jpg put immediately transmitted to Google:personmbcenter/defaultlogin. aspx First register a member! Registration is...

1AI score
Exploits0
myhack58
myhack58
added 2009/11/24 12:0 a.m.17 views

Popular with the left back door method of analysis-vulnerability warning-the black bar safety net

First: In the administrator backend login screen to hide our Backdoor, it is relatively safe Because the administrator of the inlet is not often traded, as long as his login screen on our back door just in! Of course, you also can be flexibly inserted into the other file, as long as this file is...

Exploits0
myhack58
myhack58
added 2009/06/10 12:0 a.m.23 views

typecho blog system store cross-site vulnerability&easy to get webshell-vulnerability warning-the black bar safety net

author:hiphop qq group:5 2 9 3 8 7 2 2 转 帖 请 附上 来源 :http://hi.baidu.com/securehiphop/blog/item/f5b3627a1768bcfc0ad187f5.html Today Wake up in the morning eat Breakfast go to download a set of blogs to look at In the admin backend post post place found to the title place the title didn't do better...

6.6AI score
Exploits0
Rows per page
Query Builder