31 matches found
PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability
No description provided by source. PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability Vendor: Prado Software Product web page: http://www.pradosoft.com Affected version: 3.2.0 r3169 Summary: PRADO is a component-based and event-driven programming framework for developing Web applications...
ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability
No description provided by source. ?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you nee...
LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities
No description provided by source. ? LimeSurvey v2.00+ build 131107 Script Insertion And SQL Injection Vulnerability Vendor: LimeSurvey Project Team Product web page: http://www.limesurvey.org Affected version: 2.00+ build 131009 2.00+ build 131022 2.00+ build 131031 2.00+ build 131107 Summary:...
Ovidentia 7.9.4 - Multiple Vulnerabilities
No description provided by source. ? Ovidentia 7.9.4 Multiple Remote Vulnerabilities Vendor: Cantico Product web page: http://www.ovidentia.org Affected version: 7.9.4 Summary: Ovidentia is both a content management system CMS and a collaborative environment Groupware. Desc: Input passed via...
phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability
No description provided by source. phlyLabs phlyMail Lite 4.03.04 go param Open Redirect Vulnerability Vendor: phlyLabs Product web page: http://www.phlymail.com Affected version: Lite 4.03.04 Summary: phlyMail offers you an interface in the browser to have access to your emails, contacts,...
BoxBilling 3.6.11 - mod_notification Persistent Cross-Site Scripting
BoxBilling 3.6.11 - modnotification Persistent Cross-Site Scripting BoxBilling 3.6.11 modnotification Stored Cross-Site Scripting Vulnerability Vendor: BoxBilling Product web page: http://www.boxbilling.com Affected version: 3.6.11 modnotification 1.0.0 Summary: BoxBilling is a free billing,...
LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities
LimeSurvey 2.00+ build 131107 - Multiple Vulnerabilities LimeSurvey v2.00+ build 131107 Script Insertion And SQL Injection Vulnerability Vendor: LimeSurvey Project Team Product web page: http://www.limesurvey.org Affected version: 2.00+ build 131009 2.00+ build 131022 2.00+ build 131031 2.00+...
Practico 13.9 XSS / CSRF / SQL Injection
Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely visual and fast fashion. Without...
Practico 13.9 - Multiple Vulnerabilities
Practico 13.9 - Multiple Vulnerabilities Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely...
Practico 13.9 - Multiple Vulnerabilities
Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely visual and fast fashion. Without...
ImpressPages CMS 3.6 Cross Site Scripting / SQL Injection
ImpressPages CMS v3.6 Multiple XSS/SQLi Vulnerabilities Vendor: ImpressPages UAB Product web page: http://www.impresspages.org Affected version: 3.6 Summary: ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Desc: Input passed via several...
WordPress WooCommerce 2.0.17 Cross Site Scripting
Wordpress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability Vendor: WooThemes Product web page: http://www.woothemes.com Affected version: 2.0.17 and 2.0.14 Summary: WooCommerce is an open source e-commerce plugin for WordPress. Desc: The plugin suffers from a XSS issue due to a...
Gnew 2013.1 - Multiple Vulnerabilities (1)
Gnew 2013.1 - Multiple Vulnerabilities 1 Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with PHP language and using a database server MySQL,...
Gnew 2013.1 Cross Site Scripting / SQL Injection Vulnerabilities
Gnew 2013.1 suffers from cross site scripting and remote SQL injection vulnerabilities. Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with...
FluxBB 1.5.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-si...
FluxBB 1.5.3 - Multiple Vulnerabilities
!-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-site scripting, cross-site request forgery and URL...
Qool CMS 2.0 RC2 Cross Site Scripting
Qool CMS v2.0 RC2 Multiple HTML And JavaScript Injection Vulnerabilities input type="hidden" name="lib" value="default"...
Piwigo任意文件泄露和任意文件删除漏洞
BUGTRAQ ID: 58016 Piwigo是用PHP编写的相册脚本。 Piwigo 2.4.6及其他版本没有正确验证install.php脚本的 'dl'参数值,在实现上存在安全漏洞,攻击者可利用这些漏洞查看受影响计算机上的任意文件,删除受影响应用上下文内的任意文件。 0 Piwigo Piwigo 2.4.6 厂商补丁: Piwigo ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://piwigo.org/bugs/view.php?id=2843...
Piwigo 2.4.6 - install.php Arbitrary File ReadDelete
Piwigo 2.4.6 - install.php Arbitrary File ReadDelete Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4.6 Summary: Piwigo is a photo gallery software for the web that comes with powerful...
Piwigo 2.4.6 - '/install.php' Arbitrary File Read/Delete
Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4.6 Summary: Piwigo is a photo gallery software for the web that comes with powerful features to publish and manage your collection of...