995 matches found
CICMS V2.1 18013 has xss vulnerability
CICMS system is developed by php+mysql, based on CodeIgniter, and is mainly used for enterprise building. CICMS V2.1 18013 has an xss vulnerability, which can be exploited by attackers to execute arbitrary JavaScript code...
TotalComfortSolutions Company 1.0 SQL Injection
Exploit Title : TotalComfortSolutions Company 1.0 SQL Injection Author Discovered By : KingSkrupellos Date : 30/12/2018 Vendor Homepages : totalcomfortsolutions.com Tested On : Windows and Linux Exploit Risk : Medium Category : WebApps Version Information : jQuery 1.4.11 - CodeIgniter -...
FUEL CMS Cross-Site Request Forgery Vulnerability (CNVD-2019-07072)
FUEL CMS is a content management system based on CodeIgniter. FUEL CMS 1.4.3 suffers from a cross-site request forgery vulnerability that can be exploited to add an administrator account via users/create/...
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Exploit Title: LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Link : http://pokkho.com/lango/auth/login Software :...
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
Exploit Title: LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Link : http://pokkho.com/lango/auth/login Software : LANGO - Codeigniter Multilingual Script Version : 1.0...
LANGO Codeigniter Multilingual Script Cross-Site Scripting Vulnerability
LANGO Codeigniter Multilingual Script is a multilingual support script based on Codeigniter. A cross-site scripting vulnerability exists in LANGO Codeigniter Multilingual Script version 1.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the sitename parameter to the admin/settings/update URI...
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the sitename parameter to the admin/settings/update URI...
Cross site scripting
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the sitename parameter to the admin/settings/update URI...
CVE-2018-18416
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the sitename parameter to the admin/settings/update URI...
CVE-2018-18416
CVE-2018-18416 affects the LANGO Codeigniter Multilingual Script 1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the input and upload sections, demonstrated via the site_name parameter to the admin/settings/update endpoint. The available connected documents confirm the existence of...
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting
Exploit Title: LANGO - Codeigniter Multilingual Script 1.0 - HTML Injection and Stored XSS Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Link : http://pokkho.com/lango/auth/login Software : LANGO - Codeigniter Multilingual Script Version : 1.0...
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting Vulnerability
LANGO Codeigniter Multilingual Script version 1.0 suffers from html injection and cross site scripting vulnerabilities. Exploit Title: LANGO - Codeigniter Multilingual Script 1.0 - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Lin...
DiliCMS Cross-Site Scripting Vulnerability (CNVD-2019-17480)
DiliCMS is a rapid development content management system based on CodeIgniter. DiliCMS has a cross-site scripting vulnerability that can be exploited to inject web scripts and obtain sensitive information via the attachmenturl parameter of admin/index.php/setting/site?tab=siteattachment...
codeigniter-kr.org XSS vulnerability
Open Bug Bounty ID: OBB-637201 Description| Value ---|--- Affected Website:| codeigniter-kr.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
EllisLab CodeIgniter Session Fixation Vulnerability
EllisLab CodeIgniter is the United States EllisLab company for PHP web developers to use a set of application development framework and toolkit . A session fixation vulnerability exists in EllisLab CodeIgniter versions prior to 3.1.9, which stems from the program's failure to properly handle...
Session Fixation
codeigniter/framework is vulnerable to session fixation attacks. The vulnerability exists due to the assumption that session.usestrictmode which was the default behavior of PHP 5.x...
Session fixation
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.usestrictmode in the Session Library was mishandled...
CVE-2018-12071
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.usestrictmode in the Session Library was mishandled...
CVE-2018-12071
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.usestrictmode in the Session Library was mishandled...