Engineers Online Portal Code Issue Vulnerability

Engineers Online Portal is open source an online portal . It is developed using PHP, MySQL database, HTML, CSS, Javascript, jQuery, Ajax, Bootstrap and some other libraries. A code issue vulnerability exists in SourceCodester Engineers Online Portal, which stems from a manipulation of the change...

OwnCloud 8.1.8 - Username Disclosure

Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Exploit Date: 2019-11-29 Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS: CentOS PoC: 1. Create an account in...

CVE-2016-0769

Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...

Authentication flaw

Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct request...

CVE-2005-4375

Cross-site scripting XSS vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376...

CVE-2005-4375

CVE-2005-4375 describes a cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier, exploitable via the change parameter. The issue is documented by NVD with a MEDIUM base score (CVSS2: 4.3) and notes it may be related to CVE-2005-4376. The connected records also include a related CVE (CV...

CVE-2005-4375

Cross-site scripting XSS vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376...