301 matches found
CVE-2018-9236
CVE-2018-9236 is a stored XSS vulnerability in iScripts EasyCreate 3.2.1 affecting the Site title (and Site Description per PoC) fields. Exploitation requires data input stored server-side and later rendered, enabling script execution in victims’ browsers. The CVSS metrics from NVD show a base sc...
CVE-2018-9236
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field...
CVE-2018-9237
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field...
CVE-2018-9235
CVE-2018-9235 affects iScripts SonicBB 1.0. The vulnerability is a Reflected Cross-Site Scripting via the query parameter to search.php, enabling injection of arbitrary script/HTML. Public materials describe a PoC and an exploit for the vulnerable URL (search.php?query=...). The CNVD entry notes ...
iScripts EasyCreate Cross-Site Scripting Vulnerability
IScripts EasyCreate is a set of online website builder from Iscripts, Inc. The tool can be used on the server for the client to provide website building services , belong to the fully customizable . A cross-site scripting vulnerability exists in the Site Description field in IScripts EasyCreate...
iScripts EasyCreate cross-site scripting vulnerability (CNVD-2018-08315)
IScripts EasyCreate is a set of online website builder from Iscripts, Inc. The tool can be used on the server for the client to provide website building services , belong to the fully customizable . A cross-site scripting vulnerability exists in the Site title field in IScripts EasyCreate version...
iScripts EasyCreate 3.2 - siteid SQL Injection
iScripts EasyCreate 3.2 - siteid SQL Injection Exploit Title: iScripts EasyCreate v3.2 Script - SQL Injection Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.iscripts.com/ Software Buy: http://www.iscripts.com/easycreate/ Demo: http://www.demo.iscripts.com/easycreate/demo// Version:...
iScripts AutoHoster 3.0 - siteid SQL Injection
iScripts AutoHoster 3.0 - siteid SQL Injection Exploit Title: iScripts AutoHoster v3.0 Script - SQL Injection Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.iscripts.com/ Software Buy: http://www.iscripts.com/autohoster/ Demo: http://www.demo.iscripts.com/autohoster/demo/ Version:...
iScripts EasyCreate 3.2 - 'siteid' SQL Injection
Exploit Title: iScripts EasyCreate v3.2 Script - SQL Injection Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.iscripts.com/ Software Buy: http://www.iscripts.com/easycreate/ Demo: http://www.demo.iscripts.com/easycreate/demo// Version: 3.2 Tested on: Win7 x64, Kali Linux x64 Exploi...
iScripts AutoHoster 3.0 - 'siteid' SQL Injection
Exploit Title: iScripts AutoHoster v3.0 Script - SQL Injection Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.iscripts.com/ Software Buy: http://www.iscripts.com/autohoster/ Demo: http://www.demo.iscripts.com/autohoster/demo/ Version: 3.0 Tested on: Win7 x64, Kali Linux x64 Exploit...
iScripts EasyCreate Remote Code Execution Vulnerability
iScripts EasyCreate is an online website builder that can be used on a server to provide website building services to clients and is fully customizable. A remote code execution vulnerability exists in iScripts EasyCreate. The 'userImages' POST parameter of the '/ajaximageupload.php' script fails ...
iScripts EasyCreate 3.0 - Multiple Vulnerabilities
Exploit for php platform in category web applications iScripts EasyCreate 3.0 Multiple Vulnerabilities Vendor Product Description - iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by offering website building services to your...
iScripts EasyCreate 3.0 - Remote Code Execution
Exploit for php platform in category web applications !C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This...
iScripts EasyCreate 3.0 - Remote Code Execution
iScripts EasyCreate 3.0 - Remote Code Execution !C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This softwa...
iScripts EasyCreate 3.0 - Remote Code Execution
!C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by...
iScripts EasyCreate 3.0 XSS / CSRF / SQL Injection
iScripts EasyCreate 3.0 Multiple Vulnerabilities Vendor Product Description - iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by offering website building services to your customers. Equipped with drag and drop design...
iScripts EasyCreate 3.0 Remote Code Execution
!C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by...
iScripts EasyCreate 3.0 Remote Code Execution Exploit
Summary iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by offering website building services to your customers. Equipped with drag and drop design functionality, crisp templates and social sharing capabilities, this online websi...
iScripts EasyCreate 3.0 Multiple Vulnerabilities
Summary iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by offering website building services to your customers. Equipped with drag and drop design functionality, crisp templates and social sharing capabilities, this online websi...
iScripts CyberMatch 1.0 - Blind SQL Injection Vulnerability
No description provided by source. iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability Name iScripts CyberMatch Vendor http://www.iscripts.com Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date...