Lucene search
+L

48 matches found

zdt
zdt
added 2019/07/19 12:0 a.m.46 views

REDCap < 9.1.2 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touch any key and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges t...

3.5CVSS0.1AI score0.02469EPSS
Exploits4
osv
osv
added 2019/03/21 4:0 p.m.5 views

CVE-2018-19514

In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload that becomes part of a PHP eval...

9.8CVSS6AI score0.04929EPSS
Exploits2References2
osv
osv
added 2018/06/18 2:29 p.m.7 views

CVE-2018-12530

An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF...

6.5CVSS5.9AI score0.01611EPSS
Exploits1References1
veracode
veracode
added 2016/12/30 8:37 a.m.9 views

Denial Of Service (DoS)

wger is vulnerable to denial-of-service DoS attacks. The vulnerability exists as there are no limit checks in the csv upload functionality and it is exploitable by importing large size csv...

6.7AI score
Exploits0
patchstack
patchstack
added 2016/12/12 12:0 a.m.8 views

WordPress ZX CSV Upload 1 Plugin - Authenticated SQL Injection

This plugin is prone to an SQL injection vulnerability. It allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...

3.8AI score
Exploits0References1Affected Software1
patchstack
patchstack
added 2016/12/12 12:0 a.m.11 views

WordPress ZX CSV Upload 1 Plugin - Authenticated SQL Injection

This plugin is prone to an SQL injection vulnerability. It allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the plugin...

3.8AI score
Exploits0References1Affected Software1
exploitdb
exploitdb
added 2015/11/18 12:0 a.m.32 views

WordPress Plugin Users Ultra 1.5.50 - Unrestricted Arbitrary File Upload

Exploit Title: WordPress Users Ultra Plugin Unrestricted File Upload Discovery Date: 2015/10/27 Public Disclosure Date: 2015/12/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://usersultra.com Software Link:...

7.4AI score
Exploits0
cnvd
cnvd
added 2015/01/26 12:0 a.m.7 views

WordPress Plugin Pie Register Has Unspecified Vulnerability

WordPress is the WordPress Software Foundation of a set of PHP language development of the blogging platform, the platform supports PHP and MySQL server set up a personal blog site . Pie Register is one of the plug-ins that support customizing the member registration landing page . A security...

5CVSS6.6AI score0.07797EPSS
Exploits4References1
Rows per page
Query Builder