8 matches found
CVE-2020-25476
Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cross-site scripting XSS vulnerability in the user name parameter to Calendar. An attacker can insert the malicious payload on the username, lastname or surname fields of its own profile, and the malicious payload will be injected...
cmsportaledc1.cms.gov Cross Site Scripting vulnerability OBB-3515824
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-25476
Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cross-site scripting XSS vulnerability in the user name parameter to Calendar. An attacker can insert the malicious payload on the username, lastname or surname fields of its own profile, and the malicious payload will be injected...
CVE-2020-25476
CVE-2020-25476 affects Liferay CMS Portal versions 7.1.3 and 7.2.1 via a blind persistent XSS in the Calendar module’s handling of the username/lastname/surname fields in user profiles. The vulnerability allows an attacker to inject payloads that are reflected in the attacker’s own calendar and c...
DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications .. . || | | | | | | | | / | | \ | \ \ / | |/ // \ \ | | || Y Y \ | / Y / \ | | \ | / / / / / / .org Archieve an Resource About Hacking Exploit Title: DZYGroup Portal Remote Sql Injection Vulnerability Author: Netrondoank Aka netron...
DZYGroup CMS Portal - Multiple SQL Injections
DZYGroup CMS Portal - Multiple SQL Injections .. . || | | | | | | | | / | | \ | \ \ / | |/ // \ \ | | || Y Y \ | / Y / \ | | \ | / / / / / / .org Archieve an Resource About Hacking Exploit Title: DZYGroup Portal Remote Sql Injection Vulnerability Author: Netrondoank Aka netron home...
Douran CMS V3.9.8.0 - Directory Traversal Vulnerability
Document Title: =============== Douran CMS V3.9.8.0 - Directory Traversal Vulnerability Release Date: ============= 2011-08-01 Vulnerability Laboratory ID VL-ID: ==================================== 243 Abstract Advisory Information: ============================== The vulnerability laboratory...
(GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 -->
!/usr/bin/perl -------------------------------------------------------------------------------- GET var 'member' BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS = v1.9 -- -------------------------------------------------------------------------------- CMS INFORMATION: --WEB:...