9 matches found
PT-2026-26475
Summary: The setPassword.json.php endpoint in the CustomizeUser plugin allows administrators to set a channel password for any user. Due to a logic error in how the submitted password value is processed, any password containing non-numeric characters is silently coerced to the integer zero before...
Fashion Shopping Cart 0.1 - SQL Injection
Fashion Shopping Cart 0.1 - SQL Injection. Exploit Title: Fashion Shopping Cart SQL Injection; Google Dork: N/A; Date: 14/10/2016; Exploit Author: lahilote; Vendor Homepage: http://www.sourcecodester.com/node/10435; Software...
siteengine 5.x Multiple Vulnerabilities
No description provided by source. SiteEngine 5.x Multiple Remote Vulnerabilities. Due to incorrect use of the intval function, the parameter-checking logic can be bypassed, resulting in an SQL injection vulnerability. -=0x01=- SQL injection vulnerability. Vulnerable code looks like this: if intval $i...
intval() used improperly causes a security vulnerability: analysis - vulnerability warning - the black bar safety net
author: xy780sec.com from: A description of the classification: the intval function has two characteristics: "conversion does not begin until a digit or a positive or negative sign is encountered, and it ends on encountering a non-digit or the end-of-string \0", in certain...
intval() used improperly causes a security vulnerability: analysis - vulnerability warning - the black bar safety net
author: xy780sec.com from: http://www.80vul.com/pch/ A description of the classification: the intval function has two characteristics: "conversion does not begin until a digit or a positive or negative sign is encountered, and it ends on encountering a non-digit or the end-of-string \0...
intval() used improperly causes a security vulnerability: analysis - vulnerability warning - the black bar safety net
A description of the classification: the intval function has two characteristics: "conversion does not begin until a digit or a positive or negative sign is encountered, and it ends on encountering a non-digit or the end-of-string \0", in certain applications due to the...
siteengine-sqlredirphpinfo.txt
Due to incorrect use of the intval function, the parameter-checking logic can be bypassed, resulting in an SQL injection vulnerability. -=0x01=- SQL injection vulnerability. Vulnerable code looks like this: if intval $id requireonce $siteengineroot."lib/rss.php" ; $sql = "SELECT url FROM...
SiteEngine 5.x - Multiple Vulnerabilities
SiteEngine 5.x Multiple Remote Vulnerabilities. Due to incorrect use of the intval function, the parameter-checking logic can be bypassed, resulting in an SQL injection vulnerability. -=0x01=- SQL injection vulnerability. Vulnerable code looks like this: if intval $id requireonce...
SiteEngine 5.x - Multiple Vulnerabilities
SiteEngine 5.x - Multiple Vulnerabilities. SiteEngine 5.x Multiple Remote Vulnerabilities. Due to incorrect use of the intval function, the parameter-checking logic can be bypassed, resulting in an SQL injection vulnerability. -=0x01=- SQL injection vulnerability. Vulnerable code looks like this: if...