CVE-2022-48161

CVE-2022-48161 affects Easy Images v2.0. An arbitrary file download vulnerability exists in the component /application/down.php, exploitable via a crafted GET request. The issue is mapped with CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (base score 7.5, HIGH; network vector, no privileges, no ...

CVE-2018-14972

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS...

CVE-2018-14972

CVE-2018-14972 affects QCMS 3.0.1, with a cross-site scripting vulnerability in upload/System/Controller/backend/down.php. The issue is described across multiple records (NVD/CNVD/CVE entries) as an XSS in that file path; no specific exploit details, affected versions, or remediation are provided...

CVE-2018-14972

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS...

Earcms down.php suffers from arbitrary file download vulnerability

Ear Music Ear Music is an interface using Discuz backend style and UCHome user center style combined with the core by the high-speed template engine and caching mechanism and other frameworks coexist PHP open source music system. Earcms down.php arbitrary file download vulnerability. Allow...

Sky(skycn)procedure SQL injection vulnerability-vulnerability warning-the black bar safety net

Sky Download Station is domestic famous of download sites that offer at home and abroad the latest freeware, shareware download. Its in the country railcom, Unicom, Telecommunications, Information port, etc. are built with php+MySql set up the Download Station, a considerable part of the download...

RMSOFT Downloads Plus - (rmdp) 1.51.7 Module for XOOPS down.php?id Cross-Site Scripting

RMSOFT Downloads Plus - rmdp 1.51.7 Module for XOOPS down.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/30620/info RMSOFT Downloads Plus is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...

netForo! 0.1 - down.php?file_to_download Remote File Disclosure

netForo! 0.1 - down.php?filetodownload Remote File Disclosure netForo 0.1gfiletodownloadRemote File Disclosure Exploit D.Script: http://sourceforge.net/projects/netforo/ Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group...

netForo! 0.1 - 'down.php?file_to_download' Remote File Disclosure

netForo 0.1gfiletodownloadRemote File Disclosure Exploit D.Script: http://sourceforge.net/projects/netforo/ Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code: readfile$GET'filetodownload';...

netForo! 0.1 (down.php file_to_download) Remote File Disclosure Vuln

Exploit for unknown platform in category web applications ==================================================================== netForo! 0.1 down.php filetodownload Remote File Disclosure Vuln ==================================================================== netForo 0.1gfiletodownloadRemote Fil...