1599 matches found
WordPress Plugin Single Personal Message SQL Injection Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed using the PHP language; it lets users set up a personal blog site on a server that supports PHP and MySQL. A SQL injection vulnerability exists in the message parameter of the admin.php page of the WordPress plugin Sing...
groentenonline.nl XSS vulnerability
Vulnerable URL: http://www.groentenonline.nl/admin.php?error=%22%22/%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Patched: No; Latest check for patch: 02.09.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / No...
CVE-2003-0589
admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password...
CVE-2003-0589
CVE-2003-0589 affects Digi-ads 1.1 where admin.php allows remote authentication bypass by sending a cookie with the username set to the administrator’s name. The root cause is an improper condition in admin.php that does not require a correct password, enabling an attacker to gain admin access vi...
Simple Blog PHP 2.0 - SQL Injection
Exploit for php platform in category web applications. Simple Blog PHP 2.0 - SQL Injection. Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link :...
Simple Blog PHP 2.0 - SQL Injection
Simple Blog PHP 2.0 - SQL Injection. Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link: http://simpleblogphp.com/blog/admin.php...
Simple Blog PHP 2.0 - SQL Injection
Simple Blog PHP 2.0 - SQL Injection. Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link: http://simpleblogphp.com/blog/admin.php Version: 2.0 Platform: WebApp - PHP...
PHP Press Release Cross-Site Request Forgery Vulnerability
PHP Press Release is software for managing an organization's press releases via the web; the public can access recent releases via the web. A cross-site request forgery vulnerability exists in the administration.php page of PHP Press Release, which can be exploited by an...
WordPress Plugin W3 Total Cache 'admin.php' Cross-Site Scripting Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed using the PHP language. W3 Total Cache is one of its blog optimization plug-ins. A cross-site scripting vulnerability exists in the WordPress plugin W3 Total Cache 'admin.php' 0.9.4.1 and earlier. An attacker can...
Modoer review system admin.php cross-site script execution vulnerability
The Modoer review system is a professional review website system that supports reviews for a variety of industries and lets you freely configure the types of review items. A cross-site scripting vulnerability exists in the admin back end of Modoer system version 20150505, due to the failure to limit the act parameters when loading...
WordPress WP-DownloadManager Plugin 1.68.1 arbitrary file upload vulnerability
Vulnerability file: download-add.php Vulnerability code: if ( ! empty( $_POST['do'] ) ) { check_admin_referer( 'wp-downloadmanageradd-file' ); // Decide What To Do switch ( $_POST['do'] ) { // Add File case __( 'Add File', 'wp-downloadmanager' ): $filetype = ! empty( $_POST['filetype'] ) ? intval( $_POST['filetype'] ) : 0; switch ( $filetype )...
WordPress Levo-Slideshow 2.3 Shell Upload
Document Title: WordPress Levo-Slideshow 2.3 - Arbitrary File Upload Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1854 Release Date: 2016-06-07. Vulnerability Laboratory ID (VL-ID):...
Xoops 2.5.7.2 - Cross-Site Request Forgery (Arbitrary User Deletions)
Exploit for php platform in category web applications var c=-1 var amttodelete=100 var id=document.getElementById"ids" var frm=document.getElementById"CSRF" function doit c++ arguments1.valu...
conference.wcaworld.com XSS vulnerability
Vulnerable URL: http://conference.wcaworld.com/WCAprojects2013/register/admin.php?MSG=%22%3E%3Csvg/onload=confirm%28/xssposed/%29%3E Details: Patched: No; Latest check for patch: 26.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank:...
destoon v6 admin.php CSRF vulnerability
No description provided by source...
OpenSolution Quick.Cart 'admin.php' Cross-Site Request Forgery Vulnerability
OpenSolution Quick.Cart is a PHP-based open source e-commerce software from OpenSolution Poland. The software supports engine optimization, module extensions and so on. OpenSolution Quick.Cart version 6.6 has a cross-site request forgery vulnerability. An attacker can exploit the vulnerability to...
SQL injection
Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter...
CVE-2015-7791
CVE-2015-7791 is an SQL injection vulnerability in the Welcart e-Commerce WordPress plugin (admin.php) caused by improper handling of search[column] and switch parameters. Exploitation allows remote, authenticated users to execute arbitrary SQL commands on affected sites. Affected versions are We...
CVE-2015-7791
Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter...
Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions
Title: Ovidentia Module bulletindoc 2.9 Multiple Remote File Inclusion Vulnerabilities Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...