CVE-2021-2195

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite component: Attribute Admin Setup. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

Oracle E-Business Suite Oracle Partner Management Attribute Admin Setup 安全漏洞

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on a variety of management software collection, is a seamless integration of a management suite. Oracle...

CVE-2020-20800

An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI...

MetInfo SQL Injection Vulnerability (CNVD-2021-05409)

MetInfo using PHP + Mysql architecture, is a very SEO-friendly, full-featured, support for multi-language, responsive display, extremely suitable for business, corporate website construction cms station-building system. MetInfo 7.0.0 beta version has SQL injection vulnerability. Attackers can...

The vulnerability of the Attribute Admin Setup sub-component of the Oracle Partner Management component in the Oracle E-Business Suite system allows a malicious actor to gain access to and modify data.

The vulnerability of the Attribute Admin Setup sub-component of the Oracle Partner Management component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or...

CVE-2020-2877

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite component: Attribute Admin Setup. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner...

CVE-2020-2877

Vulnerability in the Oracle Partner Management product of Oracle E-Business Suite component: Attribute Admin Setup. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner...

Unspecified Vulnerability in Oracle Partner Management

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on a variety of management software collection, is a seamless integration of a management suite. Oracle...

CVE-2018-12457

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...

Composr CMS Cross-Site Scripting Vulnerability

Composr CMS is an open source content management system CMS developed using HTML, CSS and WCAG technologies. A cross-site scripting vulnerability exists in Composr CMS version 10.0.13. A remote attacker can exploit this vulnerability by sending a page=admin-setupwizard&type=step3 request to...

CVE-2018-6518

Composr CMS 10.0.13 has XSS via the sitename parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php...

CVE-2018-6518

Composr CMS 10.0.13 has XSS via the sitename parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in admin/setup/config/users.php in poMMo Aardvark PR16.1 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via certain admin parameters...

CVE-2011-5300

CVE-2011-5300 affects poMMo Aardvark PR16.1. a CSRF in admin/setup/config/users.php allows remote attackers to hijack administrator authentication by submitting requests that modify credentials via certain admin_ parameters. Root cause is a CSRF in the credential-modification flow. Impact describ...

PANews 2.0 - Remote PHP Script Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php...

WordPress <= 3.3.1 - Multiple XSS

Because of these vulnerabilities in wp-admin/setup-config.php, the attackers can inject arbitrary web script or HTML. Solution Update WordPress...

PHP Jokesite V 2.0 exec Command Exploit

No description provided by source. ======================================================================================== | Title : PHP Jokesite V 2.0 exec command EXploit | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | Tested on: windows SP2 Français V.Pnx2 2...

PHP TopSites setup.php Administration Authentication Bypass

The remote host is running PHP TopSites, a PHP/MySQL-based customizable TopList script. There is a vulnerability in this software which allows an attacker to access the admin/setup interface without authentication. %NASLMINLEVEL 70300 Josh Zlatin-Amishav GPLv2 Changes by Tenable: - Fixed script...

paNews 2.0.4b Multiple Input Validation Vulnerabilities

The remote host is running a version of paNews that suffers from the following vulnerabilities: - SQL Injection Issue in the 'login' method of includes/auth.php. A remote attacker can leverage this vulnerability to add users with arbitrary privileges. - Local Script Injection Vulnerability in...

paNews v2.0b4 - PHP Injection

oooo oooo oooooooo8 ooooooooooo 8888o 88 888 88 888 88 88 888o88 888oooooo 888 88 8888 888 888 o88o 88 o88oooo888 o888o Network security team nst.e-nex.com Title: paNews v2.0b4 Bug found by: тёмыч Date: 20.02.2005 web: http://www.phparena.net/panews.php google: allintitle:paNews v2.0b4 PHP...