31 matches found
EUVD-2009-4726
Malware in sbrugna...
EUVD-2015-4678
Malware in sbrugna...
EUVD-2008-5763
Malware in sbrugna...
ClickHeat Cross-Site Request Forgery Vulnerability
ClickHeat is Labsmedia Cloud Computing Center developed a set of open source website heat map generation tool . The tool can count the heat distribution map of user clicks on a page , and support for Chinese display . ClickHeat 1.14 and previous versions of cross-site request forgery vulnerabilit...
CVE-2015-4659
Cross-site request forgery CSRF vulnerability in ClickHeat 1.14 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a config action to index.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in ClickHeat 1.14 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a config action to index.php...
CVE-2015-4659
ClickHeat 1.14 and earlier is affected by a CSRF vulnerability that allows remote attackers to hijack the administrator’s session and change the administrator password via a config action to index.php. The issue is described across multiple sources (NVD/CNVD et al.) as a cross-site request forger...
CVE-2015-4659
Cross-site request forgery CSRF vulnerability in ClickHeat 1.14 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a config action to index.php...
ClickHeat <= 1.14 Change Admin Password CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: ClickHeat input type="hidden" name="config" value="a:23:s:7:"logPath";s:31:"C:/xampp /htdocs/clickheat/logs/";s:9:"cachePath";s:32:"C:/xampp/htdocs/clickheat /cache/";s:8:"referers";b:0;s:6:"groups";b:0;s:8:"filesize";i:0;s:10:"...
ClickHeat 1.14 - Cross-Site Request Forgery (Change Admin Password)
ClickHeat 1.14 - Cross-Site Request Forgery Change Admin Password Exploit Title: ClickHeat input type="hidden" name="config" value="a:23:s:7:"logPath";s:31:"C:/xampp /htdocs/clickheat/logs/";s:9:"cachePath";s:32:"C:/xampp/htdocs/clickheat...
ClickHeat 1.14 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: ClickHeat input type="hidden" name="config" value="a:23:s:7:"logPath";s:31:"C:/xampp /htdocs/clickheat/logs/";s:9:"cachePath";s:32:"C:/xampp/htdocs/clickheat /cache/";s:8:"referers";b:0;s:6:"groups";b:0;s:8:"filesize";i:0;s:10:" adminLogin";s:5:"admin";s:9:"adminPass";s:32:"...
Clickheat Command Execution Vulnerability
ClickHeat is a java script library , it can help you count a page on the user clicks on the heat distribution graph , support for Chinese display . A command execution vulnerability exists in Clickheat version 1.13, which allows remote attackers to exploit the vulnerability to execute arbitrary...
Clickheat 1.13+ Remote Command Execution Vulnerability
Exploit for perl platform in category web applications Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state....
ClickHeat 1.13+ - Remote Command Execution
ClickHeat 1.13+ - Remote Command Execution Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state. I have...
ClickHeat 1.13+ - Remote Command Execution
Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state. I have discovered a vulnerability in Clickheat 1.13...
Clickheat 1.13 Remote Command Execution
Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state. I have discovered a vulnerability in Clickheat 1.13...
Joomla Component Clickheat 1.0.1 - Multiple RFI Vulnerabilities
No description provided by source. ========================================================================================================================================================= o Clickheat - Heatmap stats for Joomla! 1.0.1 Multiple Remote File Inclusion Vulnerabilities Software :...
PhpMyVisites ClickHeat Plugin <= 2.3 Unspecified Vulnerability
PhpMyVisites is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code injection
Unspecified vulnerability in the ClickHeat plugin, as used in phpMyVisites before 2.4, has unknown impact and attack vectors. NOTE: due to lack of details from the vendor, it is not clear whether this is related to CVE-2008-5793...
CVE-2009-4763
Unspecified vulnerability in the ClickHeat plugin, as used in phpMyVisites before 2.4, has unknown impact and attack vectors. NOTE: due to lack of details from the vendor, it is not clear whether this is related to CVE-2008-5793...