57 matches found
PT-2022-18336 · Semcms · Semcms
Name of the Vulnerable Software and Affected Versions: SEMCMS (affected versions not specified). Description: A critical vulnerability has been found in SEMCMS, affecting an unknown part of the file Ant Check.php. The manipulation of the DID argument leads to SQL injection. It is possible to initiat...
CVE-2020-28938
OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users...
Cross site scripting
OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users...
OpenClinic Cross-Site Scripting Vulnerability
OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A cross-site scripting vulnerability exists in OpenClinic version 0.8.2, which stems from the effects of an XSS vulnerability stored in...
CVE-2018-20609
imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI...
Sql injection
zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header...
viralmarketingbomb.com XSS vulnerability
Vulnerable URL: http://viralmarketingbomb.com/check.php?jsoncallback=prompt/OPENBUGBOUNTY/...
cuge.org XSS vulnerability
Vulnerable URL: http://www.cuge.org/fr/check.php?site=prompt/OPENBUGBOUNTY/...
zzcms user/check.php has arbitrary user password change vulnerability
ZZCMS emphasizes investment and supply-and-demand functions and can be used to quickly build a product investment website. The latest product version of zzcms has an arbitrary user password change vulnerability; the trigger point is in /user/check.php, and the attacker can take advantage of the vulnerability to...
Cross site scripting
Cross-site scripting (XSS) vulnerability in check.php in the Validated plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter...
Uploadify 2.1.4 Cross Site Scripting / Shell Upload
waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4. Author: Janek Vind "waraxe". Date: 05. April 2012. Location: Estonia, Tartu. Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...
vAuthenticate 3.0.1 SQL Injection
vAuthenticate 3.0.1 Auth Bypass by Cookie SQL Injection Vulnerability. Author: bd0rk. Contact: bd0rkathackermail.com. Date: 2011 / 08 / 30. MEZ-Time: 01:35...
vAuthenticate 3.0.1 - Authentication Bypass
vAuthenticate 3.0.1 - Authentication Bypass. vAuthenticate 3.0.1 Auth Bypass by Cookie SQL Injection Vulnerability. Author: bd0rk. Contact:...
RunCMS 2.1 - check.php Cross-Site Scripting
RunCMS 2.1 - check.php Cross-Site Scripting source: https://www.securityfocus.com/bid/41448/info RunCms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser o...
CVE-2009-2160
TorrentTrader Classic 1.09 allows remote attackers to (1) obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to (2) obtain other potentially sensitive information via a direct request to check.php...
CVE-2009-2160
TorrentTrader Classic 1.09 is affected by an information disclosure vulnerability where remote attackers can retrieve configuration details via phpinfo.php (calls phpinfo) and potentially access other sensitive information via check.php. The NVD entry assigns a Medium base score (CVSSv2 5.0) with...
Yellow Duck Weblog 2.1.0 Local File Inclusion
local file include. script: Yellow Duck Weblog. Author: ahmadbady. download...