8 matches found
EUVD-2017-3289
Malware in sbrugna...
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
CVE-2017-11678
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
Sql injection
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
CVE-2017-11678
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php...
CVE-2017-11679
CVE-2017-11679 describes a CSRF in Hashtopus 1.5g where an attacker can trigger actions via the password parameter to admin.php in an a=config action. The connected records confirm the vulnerability exists in Hashtopus 1.5g and identify the vulnerable parameter and endpoint, but they do not provi...
CVE-2017-11678
Hashtopus has a reported SQL injection vulnerability (CVE-2017-11678) affecting version 1.5g. The issue allows an attacker who is authenticated remotely to execute arbitrary SQL commands via the format parameter in admin.php, potentially impacting data confidentiality, integrity, and availability...