CVE-2017-10182

Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: OPERA Export Functionality. Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vulnerability allows high privileged attacker with...

UBUNTU-CVE-2017-5381

The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox 51...

phpMyAdmin SQL Injection Vulnerability (CNVD-2016-12703)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A SQL injection vulnerability exists in phpMyAdmin. An attacker can exploit the vulnerability to trigger a SQL injection attack via the export function...

Cisco Edge 340 Series Digital Media Player File Viewing Vulnerability

The Cisco Edge 340 Series Digital Media Player is a digital media playback application device. A security vulnerability exists in the Cisco Edge 340 Series Digital Media Player that allows a remote, authenticated user to configure the export function using the WEB graphical user interface to view...

Directory traversal

Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager BPM 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...

CVE-2014-6182

Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager BPM 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...

WordPress LeagueManager Plugin 3.8 - SQL Injection

No description provided by source. !/usr/bin/ruby Exploit Title: WordPress LeagueManager Plugin v3.8 SQL Injection Google Dork: inurl:/wp-content/plugins/leaguemanager/ Date: 13/03/13 Exploit Author: Joshua Reynolds Vendor Homepage: http://wordpress.org/extend/plugins/leaguemanager/ Software Link...

CVE-2013-7241

Cross-site scripting XSS vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via the URI...

PT-2013-6301 · Zenphoto · Zenphoto

Name of the Vulnerable Software and Affected Versions: Zenphoto versions prior to 1.4.5.4 Description: The issue is related to a cross-site scripting XSS vulnerability in the export function. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the URI...

Interspire Shopping Cart v6 - Multiple Web Vulnerabilities

Title: ====== Interspire Shopping Cart v6 - Multiple Web Vulnerabilities Date: ===== 2012-06-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=593 VL-ID: ===== 593 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...