3894 matches found
Joomla MyPortfolio Component SQL Injection Vulnerability
Joomla is an open source, cross-platform content management system (CMS) developed by the U.S.-based Open Source Matters team using PHP and MySQL. A SQL injection vulnerability exists in the Joomla MyPortfolio component, which can be exploited by attackers to access or modify database data...
WordPress KittyCatfish Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language; it supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress KittyCatfish plugin, which can be exploited by attackers to access or...
WordPress Wow Forms Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language; it supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Wow Forms plugin, which can be exploited by attackers to access or modi...
PHPCMS V9 Has Arbitrary File Read Vulnerability
PHPCMS V9 is built on PHP5 and MySQL, and uses object-oriented programming (OOP) for its basic operating framework. PHPCMS version 9.6.1 has an arbitrary file read vulnerability; an attacker can exploit the vulnerability to read any server file,...
WordPress KittyCatfish 2.2 SQL Injection
Exploit Title: KittyCatfish 2.2 Plugin for WordPress - SQL Injection Date: 20/03/2017 Exploit Author: TAD GROUP Vendor Homepage: https://wordpress.org/plugins-wp/kittycatfish/ Software Link: https://wordpress.org/plugins-wp/kittycatfish/ Version: 2.2 Contact: [email protected] Website: https://tad.bg...
WordPress Wow Viral Signups plugin 2.1 - SQL Injection vulnerability
Wow Viral Signups WordPress plugin version 2.1 is vulnerable to SQL injection. An attacker could exploit POST parameter 'idsignup' to access the database. Solution We can't find information about fixed version of this plugin. It's not available anymore on WordPress plugin directory. Deactivate...
WordPress Plugin Wow Forms 2.1 - SQL Injection
Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Date: 29/03/2017 Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: infoattad.group Website: https://tad.group Category: Web Application...
SQL injection vulnerability in the save.php file of TreeHole's external link system
TreeHole Outbound Linking System is a free and open source outbound linking system. A SQL injection vulnerability exists in the save.php file of the TreeHole external link system. The vulnerability stems from a failure to adequately filter x-forwarded-for; an attacker can exploit the vulnerability to access or modify...
Oracle E-Business Suite 12.2.3 SQL Injection Vulnerability
Exploit for windows platform in category remote exploits Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017...
AccessPress Social Icons < 1.6.8 - Authenticated SQL Injections
During the security analysis, ThunderScan discovered SQL injection vulnerabilities in AccessPress Social Icons WordPress plugin. The easiest way to reproduce the vulnerability is to visit the provided URL while being logged in as administrator or another user that is authorized to access the plug...
CVE-2017-7879
SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read the content database...
Adobe Campaign Security Bypass Vulnerability (CNVD-2017-05653)
Adobe Campaign (formerly known as Neolane) is a set of marketing management solutions from the U.S. company Adobe, based on Windows and Linux platforms. The program provides extended real-time interactive management, enhanced distributed marketing and other features. A securi...
SQL Injection Vulnerability in Ranzhi OA System Version 4.2 Order Parameters
Ranzhi OA system is a collaborative office system for small and medium-sized enterprises, which includes functional modules such as customer management (CRM), sales tracking and other functions, a daily office (OA) system, bookkeeping software and a knowledge management system. A SQL injection...
SQL Injection Vulnerability in zhicms appcontroller.php Page
ZhiCms is an enterprise building system based on PHP and MySQL. A SQL injection vulnerability exists in the zhicms appcontroller.php page. The lack of filtering of the 'Guo' parameter allows an attacker to exploit the vulnerability to obtain sensitive information about the database...
WordPress Wow Viral Signups v2.1 Plugin SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wow Viral Signups v2.1 WordPress Plugin SQL Injection Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-viral-signup/ Version: 2.1 Contact: email protected Websit...
Maian Uploader 4.0 - 'user' SQL Injection
Exploit Title: Maian Uploader Script v4.0 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maianuploader.com/?dl=yes Demo: http://www.maiansoftware.com/demos/uploader/ Version: 4.0 Tested on: Win7 x64, Kali Linux x64 Exploit...
Xoops SQL Injection Vulnerability
XOOPS (eXtensible Object Oriented Portal System) is an open source content management system based on PHP and MySQL, developed and maintained by the XOOPS team. A SQL injection vulnerability exists in Xoops' findusers.php page. Since the url parameter is not filtered for malicious characters, ...
Joomla JobGrok Application Component 'Itemid' Parameter SQL Injection Vulnerability
Joomla is an open source content management system (CMS). A SQL injection vulnerability exists in the 'Itemid' parameter of the Joomla JobGrok Application component, which can be exploited by attackers to access or modify database data...