12 matches found
CVE-2022-33897
A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-43019
OpenCATS v0.9.6 was discovered to contain a remote code execution RCE vulnerability via the getDataGridPager's ajax functionality...
Remote code execution
OpenCATS v0.9.6 was discovered to contain a remote code execution RCE vulnerability via the getDataGridPager's ajax functionality...
EUVD-2022-46068
OpenCATS v0.9.6 was discovered to contain a remote code execution RCE vulnerability via the getDataGridPager's ajax functionality...
CVE-2022-43019
OpenCATS v0.9.6 was discovered to contain a remote code execution RCE vulnerability via the getDataGridPager's ajax functionality...
CVE-2022-43019
CVE-2022-43019 : OpenCats/OpenCATS v0.9.6 has a remote code execution (RCE) flaw via the getDataGridPager AJAX function. The issue affects the OpenCATS web UI component and is described as a vulnerable path in the AJAX handling, leading to high-impact impact (CVE indicates CRITICAL, network acces...
CVE-2014-9735
The ThemePunch Slider Revolution revslider plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to 1 upload and execute arbitrary files via an updateplugin...
CVE-2014-9735
The ThemePunch Slider Revolution revslider plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to 1 upload and execute arbitrary files via an updateplugin...
Wordpress Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities Google Dork: N/A Date: 09.09.2014 Exploit Author: Fikri Fadzil - email protected Vendor Homepage - http://wpsuportplus.byethost7.com/...
WordPress Plugin WP Support Plus Responsive Ticket System 2.0 - Multiple Vulnerabilities
WordPress Plugin WP Support Plus Responsive Ticket System 2.0 - Multiple Vulnerabilities Exploit Title: Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities Google Dork: N/A Date: 09.09.2014 Exploit Author: Fikri Fadzil - [email protected] Vendor...
CVE-2013-5356
Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict access to unspecified AJAX functionality, which allows remote attackers to bypass authentication via unknown vectors...
Authentication flaw
Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict access to unspecified AJAX functionality, which allows remote attackers to bypass authentication via unknown vectors...