31 matches found
EUVD-2008-2112
Malware in sbrugna...
EUVD-2017-18225
Malware in sbrugna...
EUVD-2017-3046
Malware in sbrugna...
Billing System Project SQL注入漏洞
Billing System Project is a billing system project by Mayuri K. Individual developer. A security vulnerability exists in Billing System Project v1.0, which was discovered to contain a SQL injection vulnerability via the id parameter in editor.php...
Cross-site Scripting (XSS)
icecoder/icecoder is vulnerable to cross-site scripting. The vulnerability exists in editor.php because the conditions are not properly handled which allows an attacker to craft and send malicious scripts to an unsuspecting user...
Sql injection
Fiyo CMS 2.0.7 has SQL injection in /apps/apparticle/controller/editor.php via $POST'id' and $POST'arttitle'...
CVE-2017-11419
Fiyo CMS 2.0.7 has SQL injection in /apps/apparticle/controller/editor.php via $POST'id' and $POST'arttitle'...
CVE-2017-9289
Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in note-source\ui\editor.php edit parameter...
CVE-2017-9289
CVE-2017-9289 affects Bram Korsten Note up to version 1.2.0, with a reflected XSS in the file note-source/ui/editor.php (edit parameter). The connected documents corroborate a cross-site scripting vulnerability in Bram Korsten Note 1.2.0 and earlier. The description does not provide concrete reme...
Sql injection
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...
Network Weathermap 0.97a (editor.php) - Persistent XSS
No description provided by source. Network Weathermap 0.97a - Persistent XSS Earlier versions are also possibly vulnerable. INFORMATION Product: Network Weathermap 0.97a Remote-exploit: yes Vendor-URL: http://www.network-weathermap.com/ Discovered by: Daniel Ricardo dos Santos CVE Request -...
Weathermap 0.97c (editor.php, mapname param) - Local File Inclusion
No description provided by source...
orbis cms 1.0 (afd/adf/asu/sql) Multiple Vulnerabilities
No description provided by source. + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script : http://www.novo-ws.com/orbis-cms/download.shtml + Arbitrary File Download + -...
CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...
CVE-2013-3739
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. dot dot in the mapname parameter in a showconfig action...
CVE-2013-2618
CVE-2013-2618 affects Network Weathermap: an XSS in editor.php where the map_title parameter can inject arbitrary script/HTML. Vulnerable in versions before 0.97b; remote exploitation reported (e.g., exploit-db). Impact is persistent DOM/script injection as described in multiple advisories; remed...
CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Weathermap 0.97C Local File Inclusion
============================================= WEBERA ALERT ADVISORY 01 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request - 03/06/2013 - CVE Assign - 03/06/2013 - CVE Number - CVE-2013-3739 - Vendor notification - 03/06/2013 - Vendor reply - No reply - Public disclosure - 10/06/201...
iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites
Title: ====== iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites Date: ===== 2012-06-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=588 VL-ID: ===== 588 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...
Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities
No description provided by source. Uebimiau Webmail = v3.2.0-1.8 Remote File / Overwrite Vulnerabilities Dork : Uebimiau Webmail v3.2.0-1.8 POC : /uebimiau/admin/editor.php?load=config And You Can Write Any Code As ?php passthru$GETcmd; ? After That Click Write To File Go /uebimiau/index.php?cmd=...