62 matches found
WordPress Robo Gallery 3.2.1 plugin - XSS Stored Vulnerability
Title: WordPress 6.0.1 Plugin-Robo Gallery 3.2.1 XSS-Stored Author: nu11secur1ty Vendor: https://wordpress.org/ Software: https://wordpress.org/plugins/robo-gallery/ Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/RoboGallery/XSS-Stored Description: Th...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
Weblate: CSRF - Changing the full name / adding a secondary email identity of an account via a GET request
SUMMARY ---------- Hello, I have found a CSRF request via the activation email that will change the full name of the targeted account. This vulnerability exists if the attacker registers a new account and then gives his activation link to someone else. If the victim uses the received activation...
XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5
Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendor Contacted: 2015-06-14 Vendor Partial Fix: 2015-07-14...
GetSimpleCMS 3.3.5 XSS / Code Execution / DoS / Weak Auth
Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendor Contacted: 2015-06-14 Vendor Partial Fix: 2015-07-14...
Joomla (Yelp Component) SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Yelp Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...
OkCupid: Stored XSS on your site..
Affected site: http://www.okcupid.com/ Vulnerability:XSS. Severity:Medium/High. Description: Cross site scripting also referred to as XSS is a vulnerability that allows an attacker to send malicious code usually in the form of Javascript to another user. Because a browser cannot know if the scrip...
CommPort 1.01 Authentication Bypass
---------------------------------------------------- CommPort 1.01 Vendor information: "A 'Community Portal' generator that can be tailored for any location. Each user gets a personal portal page to which they can add their own 'channels' or select from a growing list of pre-prepared local,...
Nike+ Panel / Mobile App Cross Site Scripting
Exploit for php platform in category web applications Nike+ Panel & Mobile App - Multiple Web Vulnerabilities Details: ======== Multiple persistent input validation vulnerabilities are detected in the Nike+ Control Panel & fuelband mobile web application. The bug allows an attackers to...
Joomla Job SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Job Component SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TYPE: N/A PRICE: N/A TESTED ON: Demo Site...
Joomla Yelp SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Yelp Component SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TYPE: N/A PRICE: N/A TESTED ON: Demo Site...
Joomla! Component Yelp - SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Yelp Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...
Joomla! Component Job - SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Job Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...
Joomla Component (Yelp) SQL Injection Vulnerability
Exploit for unknown platform in category web applications =================================================== Joomla Component Yelp SQL Injection Vulnerability =================================================== ...BEGIN ADVISORY...
Joomla! Component Job - SQL Injection
Joomla! Component Job - SQL Injection ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Job Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...
Joomla! Component Yelp - SQL Injection
Joomla! Component Yelp - SQL Injection ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Yelp Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...
Joomla Kunena 1.5.4 SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comkunena BLIND SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost...
Joomla Component JE Quiz Blind SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla JE Quiz component BLIND SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TYPE:...
Joomla! Component JE Event Calendar - SQL Injection
Joomla! Component JE Event Calendar - SQL Injection ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla JE Event Calendar SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT:...
Joomla! Component JE Event Calendar - SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla JE Event Calendar SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...