EUVD-2005-0898
Malware in sbrugna...
EUVD-2005-0899
Malware in sbrugna...
EUVD-2008-6212
Malware in sbrugna...
EUVD-2008-3580
Malware in sbrugna...
PT-2024-4170
Adobe Commerce and Magento Open Source Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected. Description Adobe Commerce and Magento Open Source are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability. This issue could allow an...
MagicScripts E-Store Kit-2 PayPal Edition Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12910/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a remote file include vulnerability. Remote attackers could potentially exploit this issue to include a remote malicious PHP script. If the attacker is able...
Allomani - E-Store 1.0 - CSRF Add Admin Account
No description provided by source. Exploit Title: Allomani - E-Store v1.0 - CSRF Add Admin Account Date: 29-06-2010 Author: G0D-F4Th3r Software Link: http://allomani.com/ Version: 1.0 html body onload=javascript:fireForms form method=POST name=form0 action= http://www.site.com/path/admin/index.ph...
E-Store Kit- <= 2 PayPal Edition (pid) SQL Injection Vulnerability
No description provided by source. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability E-Store Kit-1 viewdetails.php pid E-Store Kit-2 viewdetails.php pid E-Store Kit-1 Pro PayPal Edition viewdetails.php pid E-Store Kit-2 PayPal Edition viewdetails.php pid www.magicscripts.com AuTh0r : Mr.SQ...
MagicScripts E-Store Kit-2 PayPal Edition Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12909/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. Thi...
Allomani E-Store 1.0 - CSRF Vulnerability (Add Admin)
No description provided by source. E-Store 1.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://allomani.com/en/storescript.html === Exploit === form method=POST name=form0...
Authentication flaw
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack...
CVE-2013-6788
CVE-2013-6788 affects Bitrix Site Manager’s Bitrix e-Store module prior to 14.0.1. The vulnerability stems from sequential BITRIX_SM_SALE_UID cookie values, enabling remote unauthenticated attackers to guess cookie values by brute force and bypass authentication to view or manipulate another user...
CVE-2013-6788
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack...
E-Store (1.0 & 2.0) <= SQL Injection Vulnerability
Exploit Author: Nawaf Alkeraithe ====================================== for "E-store 1.0": Google Dork: "Powered by: PD" inurl:"page.php?id" Vulnerable page: http://target/page.php?id=SQL Injection ====================================== for "E-store 2.0": Google Dork: "Powered by: PD"...
Professional Designer E-Store - id Multiple SQL Injections
Professional Designer E-Store - id Multiple SQL Injections source: https://www.securityfocus.com/bid/66100/info E-Store is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow a...
E-Store 1.0 / 2.0 SQL Injection
Exploit Author: Nawaf Alkeraithe ====================================== for "E-store 1.0": Google Dork: "Powered by: PD" inurl:"page.php?id" Vulnerable page: http://target/page.php?id=SQL Injection ====================================== for "E-store 2.0": Google Dork: "Powered by: PD"...
Professional Designer E-Store - 'id' Multiple SQL Injections
source: https://www.securityfocus.com/bid/66100/info E-Store is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify...
E-Store (1.0 & 2.0) <= SQL Injection Vulnerability
SQL Injection Vulnerability in the "E-Store 1&2" scripts which is developed by UAEPD. Usage Info For "E-store 1.0": http://target/page.php?id=SQL Injection For "E-store 2.0": http://target/news.php?id=SQL Injection Exploit Author: Nawaf Alkeraithe ====================================== for "E-sto...
Allomani E-Store 1.0 XSRF Vulnerability (Add Admin)
Exploit for php platform in category web applications .:. Author : AtT4CKxT3rR0r1ST email protected .:. Script : http://allomani.com/en/storescript.html === Exploit === 0day.today 2018-04-09...
Allomani E-Store 1.0 - Cross-Site Request Forgery (Add Admin) (2)
Allomani E-Store 1.0 - Cross-Site Request Forgery Add Admin 2 E-Store 1.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://allomani.com/en/storescript.html === Exploit ===...