317 matches found
CVE-2017-14247
SQL Injection exists in the EyesOfNetwork web interface aka eonweb 5.1-0 via the userid cookie to header.php, a related issue to CVE-2017-1000060...
CVE-2016-5739
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy CSP protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication toke...
Mao10CMS Theme\default\Public\header.php id parameter SQL injection
No description provided by source...
WordPress Header.php Unauthorized Code Injection
A Code Injection vulnerability has been reported in WordPress. Successful exploitation of this vulnerability would allow a remote attacker to redirect the clients who access an Infected WordPress website to an attacker-controlled page, and infect the client host...
CMSEASY 5.5 /celive/live/header.php SQL注入漏洞
No description provided by source...
CVE-2014-9400
CVE-2014-9400 concerns the WordPress plugin “WP Unique Article Header Image” (version 1.0 and earlier). The connected sources confirm CSRF vulnerabilities that allow an attacker to hijack an administrator’s authentication for requests leading to cross-site scripting (XSS) via the parameters gt_de...
CMSEasy 5.5 /celive/live/header.php SQL注入漏洞
No description provided by source...
PHPNuke 6.x/7.x Header.PHP Pagetitle Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16608/info PHPNuke is prone to a cross-site scripting vulnerability. This issue affects the 'header.php' script. PHPNuke 7.8 and prior versions are reportedly vulnerable...
AWCM 2.2 final - Local File Inclusion Vulnerability
No description provided by source. +Exploit Title: awcm v2.2 final Local File Inclusion +Date: 26-01-2011 +Author: Cucura , Ste@lth Bl@ckFalc0n +Software Link: www.awcm-cms.com +Version: v2.2 +CVE : - +Contact: BlackcucuraatGmail.com http://sourceforge.net/projects/awcm/files/...
Phorum 3.3.2 Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/4767/info Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems. The 'header.php' and 'footer.php' components of Phorum do not santize the client-supplied...
OpenGuestbook 0.5 header.php title Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18666/info OpenGuestbook is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful...
ME Download System <= 1.3 (header.php) Remote Inclusion Vulnerability
No description provided by source. +-------------------------------------------------------------------- + + ME Download System 1.3 Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: ME Download System 1.3 + Venedor ...........:...
Asn Guestbook 1.5 - header.php version Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14356/info Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issu...
PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/Xss)
No description provided by source. Exploit Title: PHPDirector Game Edition Multiple Vulnerabilities LFI/SQLi/Xss Date: 2010-01-05 Author: Zer0 Thunder Site : http://www.play-online.bzh.be/forum/ Version: v0.1 Tested on: Windows XP sp2 WampServer 2.0i / LinuxBox Ubuntu Server 9.10 CVE : Code : Loc...
acute control panel 1.0.0 (sql/rfi) Multiple Vulnerabilities
No description provided by source. + Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- ?php...
MySource 2.14 header.php bgcolor Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15132/info MySource is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
phpbms 0.96 Multiple Vulnerabilities
No description provided by source. phpBMS v0.96 phpbms.org eLwauxc2009, uasc.org.ua http://phpbms.org/trial/ SQL Inj -------------------------------------------------------------------------------------------------------------------------------------------------------------------------...
ttCMS 2.2/2.3 Header.PHP Remote File Include Vulnerability
No description provided by source...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 application.js.php in scripts/ or 2 admin.php, 3 copymove.php, 4 functions.php, 5 header.php, or 6...
CVE-2013-5951
Multiple cross-site scripting XSS vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 application.js.php in scripts/ or 2 admin.php, 3 copymove.php, 4 functions.php, 5 header.php, or 6...