11 matches found
CVE-2021-4261 pacman-canvas db-handler.php addHighscore sql injection
A vulnerability classified as critical has been found in pacman-canvas up to 1.0.5. Affected is the function addHighscore of the file data/db-handler.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.6 is able to address this issu...
CVE-2021-4261
The CVE-2021-4261 entry concerns pacman-canvas (up to v1.0.5). The issue is an SQL injection in the function addHighscore in data/db-handler.php, enabling remote exploitation. Affected versions include 1.0.5 and earlier; upgrading to v1.0.6 addresses the vulnerability (patch hash 29522c90ca1cebfc...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x services Command Injection
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x services Authenticated Command Injection Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Ec...
Information Disclosure
Microweber is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization in the Handler.php file, which allows sensitive information to be viewed in debug mode...
Cross-site request forgery (CSRF)
The WP Fusion Lite WordPress plugin is vulnerable to Cross-Site Request Forgery via the showlogssection function found in the /includes/admin/logging/class-log-handler.php file which allows attackers to drop all logs for the plugin, in versions up to and including 3.37.18...
CVE-2020-25042
CVE-2020-25042 concerns Mara CMS 7.5 where an authenticated admin/manager can upload PHP via codebase/handler.php after invoking codebase/dir.php?type=filenew, enabling arbitrary code execution. The vulnerability is triggered by an authenticated session and a crafted request; public exploit detai...
hope.edu XSS vulnerability
Vulnerable URL: http://www.hope.edu/resources/php/localist/Localist-handler.php?items=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E=true=event-list-append=2016-04-16=true=2016-12-31=2016-12-31=365=2 Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:|...
WordPress rayoflight-theme Themes Remote File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress rayoflight-theme Themes Remote File Upload Vulnerability Author: iskorpitx Date: 12/11/2013 Vendor Homepage: http://www.orange-themes.com/ Themes Link: http://www.orange-themes.com/portfolio/ray-of-light/ Infected File...
WordPress reganto-theme Themes Remote File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress reganto-theme Themes Remote File Upload Vulnerability Author: iskorpitx Date: 12/11/2013 Vendor Homepage: http://www.orange-themes.com/ Themes Link: http://www.orange-themes.com/portfolio/reganto/ Infected File:...
WordPress Anthology Themes Remote File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Anthology Themes Remote File Upload Vulnerability Author: Byakuya...