Zomato Clone Script - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Zomato Clone - Arbitrary File Upload Date: 16.01.2018 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/099S4111872/php-scripts/zomato-clone-script Demo: http://jhinstitute.com/demo/foodpanda...

Fedora 27 : php (2018-d034538627)

PHP version 7.1.13 04 Jan 2018 Core: - Fixed bug php75573 Segmentation fault in 7.1.12 and 7.0.26. Laruence - Fixed bug php75384 PHP seems incompatible with OneDrive files on demand. Anatol - Fixed bug php74862 Unable to clone instance when private clone defined. Daniel Ciochiu - Fixed bug php750...

Zomato Clone Script Arbitrary File Upload

Zomato Clone - Arbitrary File Upload Date: 16.01.2018 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/099S4111872/php-scripts/zomato-clone-script Demo: http://jhinstitute.com/demo/foodpanda/ Version: N/A Category: Webapps Tested on: Windows 10...

Zomato Clone Script - Arbitrary File Upload

Zomato Clone Script - Arbitrary File Upload Zomato Clone - Arbitrary File Upload Date: 16.01.2018 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/099S4111872/php-scripts/zomato-clone-script Demo: http://jhinstitute.com/demo/foodpanda/ Version:...

PHP Scripts Mall Resume Clone Script SQL Injection Vulnerability (CNVD-2018-00492)

Resume Clone Script is a resume clone script from PHP Scripts Mall. PHP Scripts Mall Resume Clone Script suffers from a SQL injection vulnerability. A remote attacker can exploit this vulnerability by injecting the 'username' parameter into the forget.php file to obtain user or sensitive data abo...

CVE-2017-17931

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

CVE-2017-17904

FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the editprofilefirstname parameter to user/editprofile...

CVE-2017-17931

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

CVE-2017-17903

FS Lynda Clone has CSRF via user/editprofile, as demonstrated by adding content to the user panel...

CVE-2017-17903

FS Lynda Clone has CSRF via user/editprofile, as demonstrated by adding content to the user panel...

Sql injection

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

Command injection

FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the editprofilefirstname parameter to user/editprofile...

CVE-2017-17931

CVE-2017-17931 affects PHP Scripts Mall Resume Clone Script. A SQL Injection via forget.php username parameter allows a remote attacker to obtain user/sensitive data. CNVDise and NVD corroborate the vulnerability; remediation/details on patches are not provided in the documents.

CVE-2017-17931

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

FS Lynda Clone Cross-Site Scripting Vulnerability

FS Lynda Clone is a video tutorial software developed with jQuery, PHP and MySQL. A cross-site scripting vulnerability exists in FS Lynda Clone. The vulnerability can be exploited to conduct cross-site scripting attacks via the keywords parameter of tutorial/ or the editprofilefirstname parameter...

CVE-2017-17904

FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the editprofilefirstname parameter to user/editprofile...

CVE-2017-17904

FS Lynda Clone is affected by a cross-site scripting (XSS) vulnerability CVE-2017-17904. The issue arises via the keywords parameter to tutorial/ and the edit_profile_first_name parameter to user/edit_profile, enabling injected scripts to run in a victim’s browser. Sources confirm the vulnerabili...

CVE-2017-17903

CVE-2017-17903 affects FS Lynda Clone (video tutorial software) and is caused by a cross-site request forgery (CSRF) vulnerability in the /user/edit_profile endpoint, allowing an attacker to cause changes to the user panel by forging requests. The vulnerability’s impact is described in the initia...

CVE-2017-17903

FS Lynda Clone has CSRF via user/editprofile, as demonstrated by adding content to the user panel...

FS Lynda Clone SQL Injection Vulnerability

FS Lynda Clone is a set of scripts for video learning websites written using the PHP Codelgniter framework. A SQL injection vulnerability exists in FS Lynda Clone version 1.0. A remote attacker can exploit the vulnerability by sending the 'keywords' parameter to tutorial/ to inject SQL commands...