319 matches found
Sql injection
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the (1) sEcho parameter to comments_paginate.php or (2) stores_paginate.php or the (3) affiliate_url, (4) description, (5) domain, (6)...
CVE-2014-10035
CVE-2014-10035 affects couponPHP before 1.2.0. The admin area is vulnerable to multiple XSS flaws where an attacker can inject arbitrary script/HTML via parameters such as sEcho in comments_paginate.php, stores_paginate.php, and several admin/index.php fields (affiliate_url, description, domain, ...
CVE-2014-10034
CVE-2014-10034 affects couponPHP prior to 1.2.0. The admin area is vulnerable to SQL injection via the iDisplayLength and iDisplayStart parameters in comments_paginate.php and stores_paginate.php under admin/ajax/, enabling remote attackers with valid admin access to manipulate SQL queries. Relat...
CVE-2014-10034
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parameter to (a) comments_paginate.php or (b) stores_paginate.php in admin/ajax/...
CVE-2014-8771
Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in the admin area in X3 CMS 0.5.1 and 0.5.1.1 allow remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2014-8771
CVE-2014-8771 affects X3 CMS versions 0.5.1 and 0.5.1.1, with multiple CSRF vulnerabilities in the admin area that allow remote attackers to hijack administrator authentication via unspecified vectors. Exploitation details are not provided in the available documents. The entry’s CVSS assessment i...
WordPress Contact Form DB Plugin <= 2.8.17 - Reflected XSS
This plugin is prone to a reflected cross site scripting vulnerability in Admin Area. Solution Update the plugin...
MTP Guestbook 1.0 - Multiple XSS Vulnerabilities
No description provided by source. MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: MTP Guestbook allows you to put a guestbook on your website. Your visitors can sign it and leave a...
CCLeague Pro <= 1.2 Insecure Cookie Authentication Vulnerability
No description provided by source. CCLeague Pro <= 1.2 Insecure Cookie Authentication Vulnerability. Discovered By: t0pP8uZ...
Maian Recipe <= 1.2 Insecure Cookie Handling Vulnerability
No description provided by source. Maian Recipe <= v1.2 Insecure Cookie Handling Vulnerability. Discovered By: S.W.A.T...
ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access
No description provided by source. ActiveKB <= 1.5 Insecure Cookie Handling/Arbitrary Admin Access...
Picture Rating 1.0 - Blind SQL Injection Exploit
No description provided by source. #!/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has...
QuickCms 5.4 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: QuickCms 5.4 Multiple Vulnerabilities Date: 04/08/2014 Author: shpendk Software Link: http://opensolution.org/download,en,18.html?sFile=Quick.Cms/Quick.Cmsv5.4.zip Version: 5.4 Tested on: Xampp on Windows Reflected XSS Vulnerability in Admin Area: Trigger:...
Quick.CMS 5.4 - Multiple Vulnerabilities
Quick.CMS 5.4 - Multiple Vulnerabilities Exploit Title: QuickCms 5.4 Multiple Vulnerabilities Date: 04/08/2014 Author: shpendk Software Link: http://opensolution.org/download,en,18.html?sFile=Quick.Cms/Quick.Cmsv5.4.zip Version: 5.4 Tested on: Xampp on Windows Reflected XSS Vulnerability in Admin...
Quick.CMS 5.4 - Multiple Vulnerabilities
Exploit Title: QuickCms 5.4 Multiple Vulnerabilities Date: 04/08/2014 Author: shpendk Software Link: http://opensolution.org/download,en,18.html?sFile=Quick.Cms/Quick.Cmsv5.4.zip Version: 5.4 Tested on: Xampp on Windows Reflected XSS Vulnerability in Admin Area: Trigger:...
WordPress HMS Testimonials 2.0.10 XSS / CSRF
Update: Fixed wrong dates. Details: Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/ Version: 2.0.10 Type: Wordpress Plugin Vendor: Jeff Kreitner http://profiles.wordpress.org/kreitje/ Vulnerability: - Cross-Site Request...
Croogo 1.3.5 Cross Site Scripting
Exploit Title: Croogo Cms Multiple Cross Site Scripting Vulnerabilities Date: 06/04/2013 Author: Nikhalesh Singh Bhadoria Twitter: @nikhaleshsingh Download Link: http://www.croogo.org/ Versions Affected: Croogo 1.3.5 Category:Xss...
SweetRice CMS 1.2.5 Cross Site Scripting
Exploit Title: SweetRice Cms Multiple Cross Site Scripting Vulnerabilities Date: 06/01/2013 Author: Nikhalesh Singh Bhadoria Twitter: @nikhaleshsingh Download Link: http://www.basic-cms.org/ Versions Affected: SweetRice 1.2.5 Category:Xss...