995 matches found
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean Filter and perform XSS attacks...
Design/Logic Flaw
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean Filter and perform XSS attacks...
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean Filter and perform XSS attacks...
CVE-2012-1915
CVE-2012-1915 affects EllisLab CodeIgniter up to version 2.1.1; CodeIgniter 2.1.2 fixes bypasses of the xss_clean() filter in system/core/Security.php, enabling XSS that could bypass input filtering. Documented bypass vectors include various HTML tag/attribute configurations that bypass the filte...
Command Execution Vulnerability in Xunrui CMS V4.3.4 at Sichuan Xunrui Cloud Software Development Co.
Xunrui CMS is a free, open-source web content management framework written in PHP7 that uses the latest CodeIgniter4 as its development framework. Xunrui CMS V4.3.4, from Sichuan Xunrui Cloud Software Development Co., Ltd., has a command execution vulnerability, attacke...
Information Disclosure Vulnerability in Xunrui CMS v4.3.3 System
The Xunrui CMS content management framework is written in PHP7 and uses the latest CodeIgniter4 as its development framework, providing integrated "computer site + mobile site + APP interface" web technology solutions. XunRui CMS v4.3.3 system...
Command Execution Vulnerability in Xunrui CMS (CNVD-2019-33541)
The Xunrui CMS content management framework is written in PHP7 and uses the latest CodeIgniter4 as its development framework, providing integrated "computer site + mobile site + APP interface" web technology solutions. There is a command...
Command Execution Vulnerability in CMS Co***.php File
The Xunrui CMS content management framework is written in PHP7 and uses the latest CodeIgniter4 as its development framework, providing integrated "computer site + mobile site + APP interface" web technology solutions. A command execution...
Code Execution Vulnerability in CICMS v2.9
CICMS is a CodeIgniter-based enterprise building system developed with PHP and MySQL. A code execution vulnerability exists in CICMS v2.9, which attackers can exploit to gain control of a web server...
CVE-2015-3907
CodeIgniter Rest Server aka codeigniter-restserver 2.7.1 allows XXE attacks...
Design/Logic Flaw
CodeIgniter Rest Server aka codeigniter-restserver 2.7.1 allows XXE attacks...
CVE-2015-3907
CodeIgniter Rest Server (codeigniter-restserver) 2.7.1 is affected by an XML External Entity (XXE) vulnerability. The CVE entry CVE-2015-3907 states XXE attacks, and connected advisories corroborate CodeIgniter Rest Server XXE vulnerability. No explicit details on affected product versions beyond...
CVE-2015-3907
CodeIgniter Rest Server aka codeigniter-restserver 2.7.1 allows XXE attacks...
0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32), Fast, Intelligent Enumeration With Web API Integration
With 0xsp Mongoose you can scan a targeted operating system for possible privilege escalation paths, from the information-collection stage through to reporting the results via the 0xsp Web Application API. Users can scan different Linux OS systems at the same...
Sales ERP 8.1 - Multiple SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: SalesERP v.8.1 SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/category/php-scripts?term=sales%20erp...
Clinic Pro v4 - month SQL Injection
Clinic Pro v4 - month SQL Injection Title: Clinic Pro - Clinic Management Software Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://softwebinternational.com Software Link: https://cms.softwebinternational.com Category: Webapps Tested on: WAMPP @Win Software description: I...
Clinic Pro v4 - month SQL Injection Vulnerability
Exploit for php platform in category web applications Title: Clinic Pro - Clinic Management Software Exploit Author: Abdullah Çelebi Vendor Homepage: https://softwebinternational.com Software Link: https://cms.softwebinternational.com Category: Webapps Tested on: WAMPP @Win Software description: ...
Clinic Pro 4 SQL Injection
Title: Clinic Pro - Clinic Management Software Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://softwebinternational.com Software Link: https://cms.softwebinternational.com Category: Webapps Tested on: WAMPP @Win Software description: It is developed by PHP Codeigniter...
Clinic Pro v4 - 'month' SQL Injection
Title: Clinic Pro - Clinic Management Software Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://softwebinternational.com Software Link: https://cms.softwebinternational.com Category: Webapps Tested on: WAMPP @Win Software description: It is developed by PHP Codeigniter...
CSZ CMS 1.2.1 Arbitrary File Upload
Exploit Title: CSZ CMS 1.2.1 - Arbitrary File Upload Dork: N/A Date: 15-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.cszcms.com/ Software Link:...