21 matches found
EUVD-2017-3288
Malware in sbrugna...
EUVD-2017-3290
Malware in sbrugna...
EUVD-2017-3289
Malware in sbrugna...
Hashtopus SQL Injection Vulnerability
Hashtopus is a cross-platform client-server tool for distributing hash table tasks between multiple computers. A SQL injection vulnerability exists in Hashtopus version 1.5g. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the help of the 'format' parameter...
Hashtopus Cross-Site Scripting Vulnerability
Hashtopus is a cross-platform client-server tool for distributing hash table tasks between multiple computers. A cross-site scripting vulnerability exists in Hashtopus version 1.5g. A remote attacker can exploit this vulnerability by sending a query string to the admin.php file to inject arbitrar...
Hashtopus Cross-Site Request Forgery Vulnerability
Hashtopus is a cross-platform client-server tool for distributing hash table tasks between multiple computers. A cross-site request forgery vulnerability exists in Hashtopus version 1.5g. A remote attacker could exploit this vulnerability to perform unauthorized operations...
CVE-2017-11678
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
Cross site scripting
Cross-site scripting XSS vulnerability in Hashtopus 1.5g allows remote attackers to inject arbitrary web script or HTML via the query string to admin.php...
CVE-2017-11677
Cross-site scripting XSS vulnerability in Hashtopus 1.5g allows remote attackers to inject arbitrary web script or HTML via the query string to admin.php...
Sql injection
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
CVE-2017-11677
Cross-site scripting XSS vulnerability in Hashtopus 1.5g allows remote attackers to inject arbitrary web script or HTML via the query string to admin.php...
CVE-2017-11678
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
CVE-2017-11678
Hashtopus has a reported SQL injection vulnerability (CVE-2017-11678) affecting version 1.5g. The issue allows an attacker who is authenticated remotely to execute arbitrary SQL commands via the format parameter in admin.php, potentially impacting data confidentiality, integrity, and availability...
CVE-2017-11677
Hashtopus 1.5g is affected by a Cross-Site Scripting (XSS) vulnerability that can be triggered by a crafted query string sent to admin.php, enabling the injection of arbitrary web script or HTML. The root cause is an input handling flaw in the web interface that processes the query string without...
CVE-2017-11678
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
CVE-2017-11677
Cross-site scripting XSS vulnerability in Hashtopus 1.5g allows remote attackers to inject arbitrary web script or HTML via the query string to admin.php...
CVE-2017-11679
CVE-2017-11679 describes a CSRF in Hashtopus 1.5g where an attacker can trigger actions via the password parameter to admin.php in an a=config action. The connected records confirm the vulnerability exists in Hashtopus 1.5g and identify the vulnerable parameter and endpoint, but they do not provi...