109 matches found
CMS Made Simple 2.1.5 - Cross-Site Scripting
CMS Made Simple 2.1.5 - Cross-Site Scripting. Webapps exploit for PHP platform Exploit Title: CMS made simple Persistent XSS vulnerability Date:2016-11-01 Exploit Author: liu zhu Vendor Homepage:http://www.cmsmadesimple.org/ Software...
Wing FTP Server Admin /admin_loglist.html Cross-Site Request Forgery Vulnerability
WingFTPServer is a professional cross-platform FTP server , it has good speed , reliability and a friendly configuration interface . A cross-site request forgery vulnerability exists in WingFTPServer Admin /adminloglist.html, which allows remote attackers to construct malicious URIs, trick users...
magic-portal 2.1 - SQL Injection
magic-portal 2.1 - SQL Injection :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title :magic-portal SQL injection Vulnerability Author: alnjm33 Software Link: Version: 2.1 Tested on: Version 2.1 My home : Sec-war.com...
dB Masters MultiMedia - Insecure Cookie Handling
======================================================================================== | Title : dB Masters Multimedia Insecure Cookie Handling Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | | W...
XM Easy Personal FTP Server 5.4.0 (XCWD) Denial of Service Exploit
Exploit for unknown platform in category dos / poc ================================================================== XM Easy Personal FTP Server 5.4.0 XCWD Denial of Service Exploit ================================================================== !/usr/bin/python XM Easy Personal FTP Server...
CVE-2007-5441
CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by 1 adding a user via a direct request to admin/adduser.php and 2 reading the admin log via an...
Cross site scripting
Cross-site scripting XSS vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log...
CVE-2006-0683
Cross-site scripting XSS vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log...
CVE-2006-0683
Cross-site scripting XSS vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log...