13188 matches found
nuevoMailer 6.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: nuevoMailer version 6.0 and earlier time-based SQL Injection Exploit Author: ALEH BOITSAU Google Dork: inurl:/inc/rdr.php? Date: 2017-06-09 Vendor Homepage: https://www.nuevomailer.com/ Version: 6.0 and earlier Tested on: Linux...
WordPress WP Jobs Plugin SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.WP Jobs plugin is one of the post management plugin. A SQL injection vulnerability exists in WordPress WP Jobs plug...
Sql injection
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager CUCDM could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc52784 CSCvc97648. Known Affected...
CVE-2017-9418
SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php...
Sql injection
SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php...
WordPress Plugin WP Jobs < 1.5 - SQL Injection
Exploit Title: WordPress Plugin WP Jobs 1.5 - SQL Injection Date: 11-06-2017 Exploit Author: Dimitrios Tsagkarakis Website: dtsa.eu Software Link: https://en-gb.wordpress.org/plugins/wp-jobs/ Vendor Homepage: http://www.intensewp.com/ Version: 1.4 CVE : CVE-2017-9603 Category: webapps 1...
CVE-2017-2195
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2017-2195
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function...
CVE-2017-2195
SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-7803
CVE-2016-7803 is a SQL injection in Cybozu Garoon 3.0.0 through 4.2.2, caused by the MultiReport function. The flaw allows remote authenticated users to execute arbitrary SQL commands against the underlying database. Affected software: Cybozu Garoon 3.0.0–4.2.2 (per multiple sources). Root cause ...
nuevoMailer 6.0 - SQL Injection
nuevoMailer 6.0 - SQL Injection Exploit Title: nuevoMailer version 6.0 and earlier time-based SQL Injection Exploit Author: ALEH BOITSAU Google Dork: inurl:/inc/rdr.php? Date: 2017-06-09 Vendor Homepage: https://www.nuevomailer.com/ Version: 6.0 and earlier Tested on: Linux CVE: CVE-2017-9730...
nuevoMailer 6.0 - SQL Injection
Exploit Title: nuevoMailer version 6.0 and earlier time-based SQL Injection Exploit Author: ALEH BOITSAU Google Dork: inurl:/inc/rdr.php? Date: 2017-06-09 Vendor Homepage: https://www.nuevomailer.com/ Version: 6.0 and earlier Tested on: Linux CVE: CVE-2017-9730 Description: SQL injection...
CVE-2017-9449
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker creates a crafted table name at admin/developer/modules/views/create/ and the injection is visible ...
WordPress plugin "Multi Feed Reader" vulnerable to SQL injection
Overview The WordPress plugin "Multi Feed Reader" contains an SQL injection vulnerability CWE-89. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker who...
Sql injection
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is...
CVE-2017-9427
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is...
CVE-2017-9427
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core\admin\modules\developer\modules\designer\form-create.php. The attacker creates a crafted table name at admin/developer/modules/designer/ and the injection is...
WordPress WP-Testimonials SQL Injection
Exploit Title: WP-Testimonials 3.4.1 Union Based SQL Injection Date: 03-06-2017 Exploit Author: Dimitrios Tsagkarakis Website: dtsa.eu Software Link: https://en-gb.wordpress.org/plugins/wp-testimonials/ Vendor Homepage: http://www.sunfrogservices.com/web-programmer/wp-testimonials/ Version: 3.4.1...