18 matches found
Gnew 2018.1 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Gnew 2018.1 - Cross-Site Request Forgery Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website : http://gnew.xyz/ Software download : http://www.gnew.xyz/pages/download.php Version: 2018.1 Tested on: Windows 10 Home x6...
Robert 0.5 - Multiple Vulnerabilities
Exploit Title: Robert 0.5 - Multiple Vulnerabilities XSS, CSRF, Directory traversal & SQLi Date: 07/06/2017 Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website :http://robert.polosson.com/ Download link : https://github.com/RobertManager/robert/archive/master.zip Live demo :...
Flyspray 1.0-rc4 Cross Site Scripting
HTTPCS Advisory : HTTPCS160 Product : Flyspray Version : 1.0-rc4 Date : 2017-04-24 Criticality level : Less Critical Description : A vulnerability has been discovered in Flyspray , which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'realname'...
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability
HTTPCS Advisory : HTTPCS127 Product : ClanSphere Version : 2011.4 Date : 2014-03-07 Criticality level : Less Critical Description : A vulnerability has been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'where'...
ClanSphere 2011.4 Cross Site Scripting
HTTPCS Advisory : HTTPCS127 Product : ClanSphere Version : 2011.4 Date : 2014-03-07 Criticality level : Less Critical Description : A vulnerability has been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'where'...
OurWebFTP 5.3.5 Cross Site Scripting
HTTPCS Advisory : HTTPCS112 Product : OurWebFTP Version : 5.3.5 Page : /index.php Variables : mwbcontrol2=Enter&mwacontrol2=op:login&ftphost=VulnHTTPCS Type : XSS Method : POST Description : A vulnerability has been discovered in OurWebFTP, which can be exploited by malicious people to conduct...
Dolibarr 3.2.2 Cross Site Scripting / SQL Injection
HTTPCS Advisory : HTTPCS94 Product : Dolibarr Version : 3.2.2 Date : 2012-10-19 Criticality level : Highly Critical Description : A vulnerability has been discovered in Dolibarr, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the 'rights' parameter t...
Handshakes Professional 4.1 SQL Injection
HTTPCS Advisory : HTTPCS70 Product : Handshakes Professional Version : 4.1 Date : 2012-10-01 Criticality level : Highly Critical Description : A vulnerability has been discovered in Handshakes Professional, which can be exploited by malicious people to conduct SQL injection attacks. Input passed...
AShop 5.3.4 Cross Site Scripting
HTTPCS Advisory : HTTPCS104 Product : AShop Version : 5.3.4 Date : 2012-09-20 Criticality level : Less Critical Description : A vulnerability has been discovered in AShop, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'language' parameter...
FreeWebshop 2.2.9 Cross Site Scripting / SQL Injection
HTTPCS Advisory : HTTPCS98 Product : FreeWebshop Version : 2.2.9 Date : 2012-09-17 Criticality level : Highly Critical Description : A vulnerability has been discovered in FreeWebshop, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the 'searchfor'...
AsaanCart 0.9 Cross Site Scripting
HTTPCS Advisory : HTTPCS97 Product : AsaanCart Version : 0.9 Date : 2012-09-13 Criticality level : Less Critical Description : A vulnerability has been discovered in AsaanCart, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'categoryname'...
ArticleSetup 1.1 SQL Injection
HTTPCS Advisory : HTTPCS86 Product : ArticleSetup Version : 1.1 Date : 2012-09-03 Criticality level : Highly Critical Description : A vulnerability has been discovered in ArticleSetup, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the 'cat' paramete...
Plogger 1.0 RC1 Cross Site Scripting
HTTPCS Advisory : HTTPCS83 Product : Plogger Version : 1.0 RC1 Date : 2012-08-28 Criticality level : Less Critical Description : A vulnerability has been discovered in Plogger, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'sortby'...
W-Agora 4.2.1 SQL Injection
HTTPCS Advisory : HTTPCS79 Product : w-agora Version : 4.2.1 Date : 2012-08-17 Criticality level : Highly Critical Description : A vulnerability has been discovered in w-agora, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the 'pattern' parameter to...
InterPhoto Image Gallery 2.5.1 Cross Site Scripting
HTTPCS Advisory : HTTPCS67 Product : InterPhoto Image Gallery Version : 2.5.1 Date : 2012-08-07 Criticality level : Less Critical Description : A vulnerability has been discovered in InterPhoto Image Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks. Inpu...
WooPress 1 Cross Site Scripting
HTTPCS Advisory : HTTPCS57 Product : WooPress Version : v.1 Date : 2012-08-04 Criticality level : Less Critical Description : A vulnerability has been discovered in WooPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'page' parameter ...
phpList 2.10.18 Cross Site Scripting
HTTPCS Advisory : HTTPCS25 Product : phpList Version : 2.10.18 Date : 2012-07-09 Criticality level : Less Critical Description : A vulnerability has been discovered in phpList, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'footer'...
phpList 2.10.18 Cross Site Scripting
HTTPCS Advisory : HTTPCS1 Product : phpList Version : 2.10.18 Date : 2012-06-13 Criticality level : Less Critical Description : A vulnerability has been discovered in phpList, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'id' parameter t...