9 matches found
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File
Description: Formula Injection/CSV Injection in "Firstname" & "Lastname" due to Improper Neutralization of Formula Elements in CSV File. Proof of Concept: 1. Go to Preferences from the user account and in Personal info of "Firstname" & "Lastname" insert the below payloads. 2. Payloads:-...
Revive Adserver: Cross Site Scripting and Open Redirect in affiliate-preview.php file
Summary: Stored XSS can be submitted on the Website using Default Manager, and for anyone who checks the report the XSS and Open Redirect will trigger. Description: Stored XSS, also known as persistent XSS, is more damaging than non-persistent XSS. It occurs when a malicious script is injecte...
Network Management Card 6.2.0 - Host Header Injection Vulnerability
Exploit for hardware platform in category web applications. Exploit Title: Network Management Card 6.2.0 - Host Header Injection Exploit Author: Amal E Thamban, Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link: https://www.apc.com/shop/in/en/products/Network-Management-Card...
marillion.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-595044

Description | Value
---|---
Affected Website: | marillion.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | Open Redirect / CWE-601
CVSSv3 Score: | 3.4...
HackerOne: Interstitial redirect bypass / open redirect in https://hackerone.com/zendesk_session
Hi guys, I have found a way to use the open redirect vulnerability that Zendesk refused to fix and we discussed it in 101146 to bypass interstitial redirect. In 101146, @bencode said: I tend to agree with Zendesk, we don't really see any security issues with it. We use our interstitial to warn t...
dutch Book php - Remote file inclusion
Exploit for php platform in category web applications. dutch Book php - Remote file inclusion Author: Poltergeisth4cker Team: Inj3ct0r Team inj3ct0r.com Contact: [email protected]...
wordpress-rfi.txt
WordPress Remote File Inclusion Download: http://wordpress.org/latest.zip Found by ANtrAX http://foro.c-group.org Vulnerable Code: global $posts, $post, $wp_did_header, $wp_did_template_redirect, $wp_query, $wp_rewrite, $wpdb; extract($wp_query->query_vars); require_once($file); ..... Affected File:...
iPrimal Forums Remote File Inclusion
iPrimal Forums Remote File Inclusion Download: http://ipigroup.org/downloads/forums.zip Found by Bl0od3r Vulnerable Code: line 126-129 ..... if ($_GET['p'] == '') echo 'Please select an item from the menu above.'; else include($_GET['p'].'.php'); ..... Affected File: /admin/index.php = Vulnerability:...
PHPht-rfi.txt
BiyoSecurity.Org & SecurityWall.Org Scripts: PHPht Topsites Remote File İnclude Download: http://www.linkini.net/phpscripts/descargas/Top%20Sites%208%20Archivos/PHPht%20Topsites.zip Greetz : Liz0zim , RMx , TRIP , DreamLord Regards : KorsaN Vulnerable file : All Files := vulnerable code :...