156 matches found
13.cl Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1025502 Security Researcher MrRain1996 Helped patch 1039 vulnerabilities Received 5 Coordinated Disclosure badges Received 9 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting 13.cl website and its...
File upload vulnerability in the pr***.cl***.php file of the Laikai e-commerce system
Laike e-commerce system is an open source e-commerce system. A file upload vulnerability exists in the pr.cl.php file of Laikai E-commerce System. Attackers can use this vulnerability to obtain server privileges...
CVE-2019-19044
Two memory leaks in the v3dsubmitclioctl function in drivers/gpu/drm/v3d/v3dgem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service memory consumption by triggering kcalloc or v3djobinit failures, aka CID-29cd13cfd762...
SQL injection vulnerability in the en***.cl***.php file of Laikai e-commerce system
Laike e-commerce system is an open source e-commerce system. Laike e-commerce system en.cl.php file has a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive information in the database...
SQL Injection Vulnerability in EmpireCMS cl***.php File
EmpireCMS is a content management system CMS. An SQL injection vulnerability exists in the EmpireCMS cl.php file, which can be exploited by attackers to obtain sensitive information...
SQL injection vulnerability in EmpireCMS cl***.php file (CNVD-2019-43134)
EmpireCMS is a content management system CMS. An SQL injection vulnerability exists in the EmpireCMS cl.php file, which can be exploited by attackers to obtain sensitive information...
SQL injection vulnerability in c**l.asp page of Chengdu Firefox Technology Co.
Chengdu Firefox Technology Co., Ltd. is a set of research, promotion, development of new technology areas of the network, mainly dedicated to the enterprise information technology services of the professional network companies, is based on the Internet to provide a comprehensive e-commerce...
SQL injection vulnerability in the co***.cl***.php file of the Seven Bears library system
Seven bears library system a similar Baidu library online document preview, selling system. A SQL injection vulnerability exists in the co.cl.php file. An attacker can exploit the vulnerability to obtain sensitive information from the database...
Arbitrary file download vulnerability in the ba***.cl***.php file of the Seven Little Bears repository system
Seven bears library system a similar Baidu library online document preview, selling system. A vulnerability exists in the ba.cl.php file of the Seven Little Bears library system, which can be exploited by an attacker to obtain sensitive information. An attacker can exploit the vulnerability to...
Lob: HTTP Request Smuggling on vpn.lob.com
Hi , vpn.lob.com is vulnerable to CL TE Front end server uses Content-Length , Back-end Server uses Transfer-encoding HTTP request smuggling attack. Steps to reproduce 1. Run the burp suite turbo intruder on the following request POST /auth/session HTTP/1.1 Host: vpn.lob.com User-Agent: Mozilla/5...
Stored Cross-site Scripting Vulnerability in the Us***.cl***.php File in the Frontend of the Feifei Movie and TV Navigation System
FeiFei Film and TV Navigation System FeiFeiCms is a free and open source PHP movie program. A stored cross-site scripting vulnerability exists in the Us.cl.php file in the frontend of FeiFeiCms. Attackers can insert malicious js code in the page to obtain user cookies and other information,...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service DoS. The vulnerability exists as the parserockridgeinodeinternal function incorrectly handles iso9660 images with CL entry referring to a directory entry that has a CL entry...
WordPress Plugin The-CL-Amazon-Thingy Open Redirect Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An open redirection vulnerability exists in the WordPress plugin The-CL-Amazon-Thingy. An attacker can exploit the...
LmxCMS V1.4 SQL Injection Vulnerability in Frontend Se***.cl***.php
Dream Cms, hereinafter referred to as "lmxcms", is a simple and practical website management system cms developed by "10 years" screen name. A SQL injection vulnerability exists in LmxCMS V1.4 frontend Se.cl.php. An attacker can exploit the vulnerability to obtain sensitive database information...
Code Execution Vulnerability in LmxCMS V1.4 Backend Te***.cl***.php
Dream Cms, hereinafter referred to as "lmxcms", is a simple and practical website management system cms developed by "10 years" screen name. A code execution vulnerability exists in Te.cl.php in the backend of LmxCMS V1.4. An attacker can exploit this vulnerability to launch a remote command...
and1.cl XSS vulnerability
Open Bug Bounty ID: OBB-712107 Description| Value ---|--- Affected Website:| and1.cl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...
CVE-2018-17111
The CVE-2018-17111 entry concerns Coinlancer (CL) Ethereum ERC20 contract where the onlyOwner modifier has an incorrect comparison between msg.sender and owner, making functions protected by onlyOwner accessible to all contract users. Documents consistently cite this as an access-control vulnerab...
SQL injection vulnerability in cl***.php file in ZZCMS 8.3 version
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the cl.php file in ZZCMS version 8.3. An attacker can exploit the vulnerability to obtain sensitive database information...
CVE-2017-17691
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack...
Design/Logic Flaw
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack...