9 matches found
EUVD-2017-9071
Malware in sbrugna...
User Avatar - Reloaded < 1.2.2 - Contributor+ Stored XSS
Description The plugin does not properly sanitize and escape some of its shortcode attributes, which could allow relatively low-privileged users such as contributors to conduct Stored XSS attacks. PoC As a Contributor+ create a new post and add one of the following shortcodes. avatar user="admin"...
Bootstrap Shortcodes <= 3.4.0 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. As a Contributor+ create a new post and add...
Simple File Downloader <= 1.0.4 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC As a Contributor+ create a new post and...
Download Manager < 3.2.48 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the 'Insert URL' field, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks. Note: The attempted fixes made in 3.2.46 and 3.2.47 were found to be insufficient. As a contributor, create/edit a download and pu...
PHP Scripts Mall Professional Service Script Information Disclosure Vulnerability (CNVD-2018-00493)
Professional Service Script is a script from PHP Scripts Mall with search, task creation and task management features. An information disclosure vulnerability exists in PHP Scripts Mall Professional Service Script. A remote attacker can exploit this vulnerability to obtain sensitive full path...
PHP Scripts Mall Professional Service Script SQL Injection Vulnerability (CNVD-2018-00489)
Professional Service Script is a script from PHP Scripts Mall with search, task creation and task management features. A SQL injection vulnerability exists in PHP Scripts Mall Professional Service Script. A remote attacker can exploit this vulnerability by using the id parameter in admin/review.p...
SQL injection
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter...
SQL Injection Vulnerability in the id parameter of the /www/index.php page of Xiyu Media's Digital Newspaper System
Joy Reading Kiosk Digital Newspaper System is a digital newspaper web management system. This product contains a SQL injection vulnerability. The vulnerable URL is /www/index.php?mod=admin&con=review&act=view&id= and the vulnerable parameter is id; an attacker can use the vulnerability t...