12 matches found
CVE-2018-17791
Newgen OmniFlow Intelligent Business Process Suite iBPS 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business...
CVE-2018-17791
Newgen OmniFlow Intelligent Business Process Suite iBPS 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business...
Input validation
Newgen OmniFlow Intelligent Business Process Suite iBPS 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business...
CVE-2018-17791
Newgen OmniFlow Intelligent Business Process Suite iBPS 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business...
CVE-2018-17791
CVE-2018-17791 affects Newgen OmniFlow iBPS 7.0. The root cause is improper server-side validation: client-side validations can be tampered, and non-editable parameters can be modified by editing a disabled form field, causing server-side data to be stored/fetched repeatedly and potentially leadi...
WordPress IBPS Online Exam Plugin Cross-Site Scripting Vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP, that supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress IBPS Online Exam plugin. An attacker can exploit this...
WordPress IBPS Online Exam plugin <=1.0 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability found in WordPress IBPS Online Exam plugin <=1.0 versions. Blind SQL Injection possible when logged in as a student. Solution 2017.07.29 - We were unable to find information about a patched release of WordPress IBPS Online Exam plugin. Also, we were...
WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated SQL Injection / Cross-Site Scripting
Exploit Author: 8bitsec Contact Author: https://twitter.com/8bitsec Stored XSS on exam input textfields and Blind SQL Injection on 'examappUserResult' page 'id' parameter. PoC Authenticated Stored XSS: Logged as a student: Write the payload in the input textfields while attempting an exam. The...
WordPress IBPS Online Exam plugin <=1.0 - Authenticated Stored Cross-site scripting (XSS) vulnerability
Authenticated Stored Cross-site scripting (XSS) vulnerability found in WordPress IBPS Online Exam plugin <=1.0 versions by 8bitsec. The attack is possible when logged in as a student. Solution 2017.07.29 - We were unable to find information about a patched release of WordPress IBPS Online Exam plugin...
WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated SQL Injection / Cross-Site Scripting
Exploit Author: 8bitsec Contact Author: https://twitter.com/8bitsec Stored XSS on exam input textfields and Blind SQL Injection on 'examappUserResult' page 'id' parameter. Authenticated Stored XSS: Logged as a student: Write the payload in the input textfields while attempting an exam. The payloa...
WordPress Plugin IBPS Online Exam 1.0 - SQL Injection / Cross-Site Scripting
Exploit Title: IBPS Online Exam Plugin for WordPress v1.0 - XSS SQLi Date: 2017-07-11 Exploit Author: 8bitsec Vendor Homepage: https://elfemo.com/demo/server2/order2032/ Software Link: https://codecanyon.net/item/ibps-online-exam-plugin-for-wordpress/20028534 Version: 1.0 Tested on: Kali Linux 2....
WordPress Plugin IBPS Online Exam 1.0 - SQL Injection Cross-Site Scripting
WordPress Plugin IBPS Online Exam 1.0 - SQL Injection Cross-Site Scripting Exploit Title: IBPS Online Exam Plugin for WordPress v1.0 - XSS SQLi Date: 2017-07-11 Exploit Author: 8bitsec Vendor Homepage: https://elfemo.com/demo/server2/order2032/ Software Link:...