9 matches found
CVE-2017-15375
Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress. The vulnerabilities are located in the query and id parameters of the wpjb-email, wpjb-job, wpjb-application, and wpjb-membership modules. Remote attackers are ab...
CVE-2025-30164
The CVE-2025-30164 issue in Icinga Web 2 is an open redirect vulnerability affecting versions before 2.11.5 and 2.12.13, where an authenticated (or easily authenticated) user could be redirected to an arbitrary location via a crafted URL. The root cause is the backend’s redirect logic allowing ar...
CVE-2025-30164 Icinga Web 2 has open redirect on login page
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user or one that is able to authenticate, allows to...
CVE-2025-30164 Icinga Web 2 has open redirect on login page
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user or one that is able to authenticate, allows to...
Purei CMS 1.0 - SQL Injection Vulnerability
Exploit Title: Purei CMS 1.0 - SQL Injection Exploit Author: Number 7 Vendor Homepage: purei.com Version: 1.0 Tested on: Linux Introduction: An SQL injection vulnerability permits attackers to modify backend SQL statements through manipulation of user input. Such an injection transpires when web...
Purei CMS 1.0 SQL Injection
Exploit Title: Purei CMS 1.0 - SQL Injection Date: 27-03-2024 Exploit Author: Number 7 Vendor Homepage: purei.com Version: 1.0 Tested on: Linux Introduction: An SQL injection vulnerability permits attackers to modify backend SQL statements through manipulation of user input. Such an injection...
Remote Code Execution (RCE)
October CMS is vulnerable to Remote Code Execution RCE. The vulnerability exists because the library does not properly sanitize the user input before rendering, allowing an attacker who has access to the backend to manipulate web pages via cms.safemode or cms.enableSafeMode to execute arbitrary...
CVE-2017-15375
Multiple client-side cross site scripting vulnerabilities have been discovered in the WpJobBoard v4.5.1 web-application for WordPress. The vulnerabilities are located in the query and id parameters of the wpjb-email, wpjb-job, wpjb-application, and wpjb-membership modules. Remote attackers are ab...
mlecms multi-language enterprise website management system v2. 3 newest vulnerabilities 0day-vulnerability warning-the black bar safety net
Vulnerability defects: the storage typexss 漏洞 文件 :links.php Loopholes in the application link at the website name and logo at the address, because the site name“webname”is post GET and didn't do the filter soxssappeared! Using description: xsshit the backend to get webshell Background get a shell...