17 matches found
Appspace 授权问题漏洞
Appspace is an application from the US-based Appspace Inc. Provides built-in content strategies to easily implement and execute team communication programs. Appspace version 6.2.4 suffers from an authorization issue vulnerability that stems from being susceptible to authentication mechanism...
Cross site request forgery (csrf)
EmpireCMS 7.5.0 has XSS via the from parameter to e/member/doaction.php, as demonstrated by a CSRF payload that changes the dynamic page template. The attacker can choose to resend the e/template/member/regsend.php registered activation mail page...
CVE-2018-14954
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute...
The vulnerability of the ChkAdminViewUsrPwd1 component in the Advantech WebAccess remote monitoring software allows a perpetrator to execute arbitrary code.
The vulnerability of the ChkAdminViewUsrPwd1 component mailPg.asp in the Advantech WebAccess remote monitoring software is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the ProjectName and...
anymaritime.com XSS vulnerability
Open Bug Bounty ID: OBB-560716 Description| Value ---|--- Affected Website:| anymaritime.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Video Gallery 2.8 Unprotected Mail Page Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...
WordPress Video Gallery Plugin 2.8 - Arbitrary Mail Relay
There is Unprotected Mail Page in this plugin. The vulnerability allows phishing, mailbombing, spam, also, it is exploitable to DOS. Solution Update the plugin...
WordPress Plugin Video Gallery 2.8 - Arbitrary Mail Relay
Exploit Title : Wordpress Video Gallery 2.8 Unprotected Mail Page Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery Software...
WordPress Plugin Video Gallery 2.8 - Arbitrary Mail Relay
WordPress Plugin Video Gallery 2.8 - Arbitrary Mail Relay Exploit Title : Wordpress Video Gallery 2.8 Unprotected Mail Page Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...
WordPress Video Gallery 2.8 Unprotected Mail Page Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Video Gallery 2.8 Unprotected Mail Page Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage :...
WordPress Video Gallery 2.8 Unprotected Mail Page
Exploit Title : Wordpress Video Gallery 2.8 Unprotected Mail Page Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery Software...
WordPress Video Gallery Plugin <= 2.8 - Unprotected Mail Page
This plugin is prone to an unprotected mail page vulnerability. Solution Update the plugin...
WordPress Video Gallery <= 2.8 - Unprotected Mail Page
Any user can send email from /contus-video-gallery/email.php to any recipients...
XSRF vulnerability in the Mail Page plugin
We have identified and fixed a cross-site request forgery XSRF vulnerability which may affect Confluence instances in a public environment. The XSRF vulnerability is exposed in the Confluence Mail Page plugin. Note that the Mail Page plugin is disabled by default. If you do not have this plugin...
XSRF vulnerability in the Mail Page plugin
We have identified and fixed a cross-site request forgery XSRF vulnerability which may affect Confluence instances in a public environment. The XSRF vulnerability is exposed in the Confluence Mail Page plugin. Note that the Mail Page plugin is disabled by default. If you do not have this plugin...
XSRF vulnerability in the Mail Page plugin
We have identified and fixed a cross-site request forgery XSRF vulnerability which may affect Confluence instances in a public environment. The XSRF vulnerability is exposed in the Confluence Mail Page plugin. Note that the Mail Page plugin is disabled by default. If you do not have this plugin...
PT-2005-4523 · Php · Php-Post
Name of the Vulnerable Software and Affected Versions: PHP-Post PHPp version 1.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting XSS attacks. This can be achieved through the subject in a post or by manipulating th...