13 matches found
MainWP Dashboard SQL Command Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance. This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3...
CVE-2023-38519
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance. This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance. This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3...
MainWP Dashboard < 4.5.1.3 - Authenticated (Administrator+) CSS Injection
Description: The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to CSS Injection via the ‘newColor’ parameter in all versions up to, and including, 4.5.1.2 due to insufficient input sanitization. This makes it possible for authenticated...
CVE-2023-6164
The CVE-2023-6164 entry concerns the MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress. It is vulnerable to CSS Injection via the newColor parameter due to insufficient input sanitization in all versions up to and including 4.5.1.2. The issue affects aut...
Multiple Websites Distributed Denial of Service
A denial of service vulnerability exists in multiple websites. The vulnerability is due to the placing of the malicious JavaScript code BrownFlood. Successful exploitation of this vulnerability would allow remote attackers to cause denial of service on the affected system...
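华天动力 (Huatian Dongli) stored XSS (11 instances bundled, not self-XSS)
Brief description: I need an external hard drive to store videos. Details: My last submission was judged to be self-XSS; to prove it is not self-XSS, this time I will capture the administrator cookie. Demo site, affecting a large number of government, hospital, real estate, TV station and other websites: http://www.oa8000.com/solution.htm First, go to the official website again and find the demo address: http://demo.oa8000.com Then log in with the ordinary user account provided by the vendor. The XSS is located at: Customer Management -- My Customers -- New...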
Bridgelin CMS Cross Site Scripting
Exploit Title: Bridgelin Cms Cross Site Scripting Vulnerability Google Dork: Intext:"Powered BY Bridgelin" Date: 08/29/2012 Author: Crim3R Site : Http://Ajaxtm.com/ Vendor Home : http://www.bridgelin.com/ Tested on: all ================================== Post data ------------------------...
19 sites Hacked by PakCyberHaxors
19 sites Hacked by PakCyberHaxors Sites Hacked : https://forestrealty.co.in/hacked.htm
CYB3R_SWATI Hack two more sites Today...
CYB3RSWATI Hack two more sites Today... Links: https://www.liuhao.gov.cn/swati.html
Plume CMS 1.1.3 (dbinstall.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications. Plume CMS 1.1.3 dbinstall.php Remote File Include Vulnerability...
Plume CMS 1.1.3 - dbinstall.php Remote File Inclusion
Plume CMS 1.1.3 - dbinstall.php Remote File Inclusion. IHS Public advisory: Plume CMS Remote File Inclusion. It uses PHP and MySQL. With a single installation of Plume you can have multiple websites,...
Plume CMS 1.1.3 - 'dbinstall.php' Remote File Inclusion
IHS Public advisory: Plume CMS Remote File Inclusion. It uses PHP and MySQL. With a single installation of Plume you can have multiple websites, file management, multiple authors with different righ...