158 matches found
CVE-2019-6126
The CVE-2019-6126 entry concerns PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0. The vulnerability is an access-control bypass in the Admin Panel, where remote attackers can bypass restrictions by directly requesting admin/dashboard.php or admin/user.php, leading to disclosure of informa...
MLMPro 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Matrix MLM Script 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link: https://codecanyon.net/item/mlmpro-multistage-forced-matrix-mlm-script/23050292 Version: 1.0...
Singleleg MLM Software 1.0 - msg_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Singleleg MLM Software 1.0 - 'msgid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/singleleg/root.html Software Link: http://mlmdemo.biz/autopool/root.html...
Binary MLM Software 1.0 - pid SQL Injection
Binary MLM Software 1.0 - pid SQL Injection Exploit Title: Binary MLM Software 1.0 - 'pid' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/binary/root.html Version: 1.0 Category: Webapps Tested on:...
Singleleg MLM Software 1.0 - msg_id SQL Injection
Singleleg MLM Software 1.0 - msgid SQL Injection Exploit Title: Singleleg MLM Software 1.0 - 'msgid' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/singleleg/root.html Software Link:...
Singleleg MLM Software 1.0 SQL Injection
Exploit Title: Singleleg MLM Software 1.0 - 'msgid' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/singleleg/root.html Software Link: http://mlmdemo.biz/autopool/root.html Software Link:...
PHP Scripts Mall Bitcoin MLM Software Cross-Site Scripting Vulnerability
PHP Scripts Mall Bitcoin MLM Software is a PHP-based bitcoin management software from PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Bitcoin MLM Software version 1.0.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Cross site scripting
Cross Site Scripting XSS exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field...
CVE-2018-6862
Cross Site Scripting XSS exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field...
CVE-2018-6862
Cross Site Scripting XSS exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field...
CVE-2018-6862
CVE-2018-6862 is a cross-site scripting (XSS) vulnerability in PHP Scripts Mall Bitcoin MLM Software 1.0.2, exploitable via a profile field. Public records describe this as a stored XSS issue (PoC: injects script in profile edits, e.g., ), with multiple sources (CNVD, CVE lists, exploit databases...
CVE-2018-6862
Cross Site Scripting XSS exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field...
Bitcoin MLM Software 1.0.2 - Cross-Site Scripting Vulneravility
Exploit for php platform in category web applications Exploit Title: Bitcoin MLM Software 1.0.2 - Stored XSS Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/bitcoin-mlm/ Category: Web Application Exploit Author: Prasenjit Kanti Paul Web:...
Bitcoin MLM Software 1.0.2 Cross Site Scripting
Exploit Title: Bitcoin MLM Software 1.0.2 - Stored XSS Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/bitcoin-mlm/ Category: Web Application Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Version:...
CVE-2018-6796
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field...
CVE-2018-6796
PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field...
CVE-2018-6796
CVE-2018-6796 affects the PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0. The connected CNVD/CNVD entries describe a Stored XSS vulnerability that can be triggered via arbitrary input fields on user profiles. The root cause is input fields not properly sanitizing or encoding data, allo...
Multilanguage Real Estate MLM Script 3.0 Cross Site Scripting
Exploit Title: Multilanguage Real Estate MLM Script - Stored XSS Date: 06.02.2018 Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...
Sql injection
SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch parameter...
CVE-2018-6364
Vulnerability : Multilanguage Real Estate MLM Script (3.0 and earlier) has an SQL injection in the srch parameter of /product-list.php . Multiple sources (CNVD/NVD) describe remote, unauthenticated exploitation with high impact to confidentiality, integrity, and availability. CVSSv3.0 base score ...