CVE-2023-1308

A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/adminlog.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

Stored Cross-site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Stored Cross-site Scripting XSS. The vulnerability exists due to the improper sanitization in the adminlog of the stat.adminlog.php, which allows an attacker to inject and execute malicious JavaScript through the $text attribute...

GHSA-GCMQ-7652-X98J thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via adminlog

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting XSS because it fails to sanitize user input in the adminlog. This has been fixed in 3.1.12...

thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via adminlog

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to stored cross-site scripting XSS because it fails to sanitize user input in the adminlog. This has been fixed in 3.1.12...

PT-2023-16880 · Sourcecodester · Sourcecodester Online Graduate Tracer System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Graduate Tracer System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Online Graduate Tracer System. The issue affects an unknown function of the file admin/adminlog.php, where the...

Stored XSS in the adminlog functionality.

Description There is a stored XSS in the 'adminlog' functionality. E.g. the page http://phpmyfaq.local/admin/?action=adminlog shows failed login attempts. If a user with the username 'alert1;' tries to log in, it gets logged and displayed on the adminlog unsanitized. Proof of Concept 1. visit...

Cross site request forgery (csrf)

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.adminlog.php...

CVE-2017-15731

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.adminlog.php...

ZZ:FlashChat <= 3.1 - (adminlog) Remote File Incude Vulnerability

No description provided by source. ============================================================================================== ZZ:FlashChat = V3.1 adminlog Remote File Inclusion Exploit =============================================================================================== Critical Lev...

AdminLog 0.5 (valid_login) Authentication Bypass Vulnerability

No description provided by source. + AdminLog 0.5 Login Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog + Login Bypass - Conditions : registerglobals = ON - PoC...

AdminLog 0.5 (valid_login) Authentication Bypass Vulnerability

Exploit for unknown platform in category web applications ============================================================== AdminLog 0.5 validlogin Authentication Bypass Vulnerability ============================================================== + AdminLog 0.5 Login Bypass Vulnerability + Discovere...

AdminLog 0.5 - valid_login Authentication Bypass

AdminLog 0.5 - validlogin Authentication Bypass + AdminLog 0.5 Login Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog + Login Bypass - Conditions : registerglobals = ON - PoC...

AdminLog 0.5 - &#039;valid_login&#039; Authentication Bypass

AdminLog 0.5 Login Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog + Login Bypass - Conditions : registerglobals = ON - PoC...

AdminLog 0.5 Authentication Bypass

AdminLog 0.5 Login Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog + Login Bypass - Conditions : registerglobals = ON - PoC...

ZZ:FlashChat 3.1 - adminlog Remote File Inclusion

ZZ:FlashChat 3.1 - adminlog Remote File Inclusion ============================================================================================== ZZ:FlashChat = V3.1 adminlog Remote File Inclusion Exploit =============================================================================================...

ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability

Exploit for unknown platform in category web applications =============================================================== ZZ:FlashChat = 3.1 adminlog Remote File Incude Vulnerability ===============================================================...