EUVD-2008-4404

Malware in sbrugna...

Ovidentia 6 SQL Injection

Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...

Ovidentia 6 - (id) SQL injection (Authenticated) Vulnerability

Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...

Ovidentia 8.4.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------- Exploit Title: Ovidentia CMS - XSS Ovidentia 8.4.3 Description: The vulnerability permits any kind of XSS attacks. Reflected, DOM and Stored XSS. CVE: CVE-2019-13977 Exploit Author:...

Cross-Site Scripting (XSS)

ovidentia/ovidentia is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser through multiple parameters within the application...

SQL Injection

ovidentia/ovidentia is vulnerable to SQL injection. The vulnerability exists through the lack of sanitization of $id, allowing a remote attacker to inject and execute arbitrary SQL queries...

CVE-2019-13978

CVE-2019-13978 affects Ovidentia 8.4.3. The vulnerability is a SQL Injection via the id parameter in index.php?tg=delegat&idx=mem, caused by insufficient input validation. Public examples describe an authenticated exploitation path and payloads that can trigger conditional SQL statements or sleep...

exploits

Public Exploits This repository cotains public exploits writ...

Design/Logic Flaw

Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, babgetAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons...

CVE-2018-1000619

Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, babgetAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons...

CVE-2018-1000619

Affected: Ovidentia 8.4.3 and earlier. Vulnerability: Unsanitized user input in utilit.php (bab_getAddonFilePathfromTg) can lead to Authenticated Remote Code Execution. Requires attacker to have permission to upload addons. CVSS metrics: v2 base 6.5 (MEDIUM); v3 base 8.8 (HIGH). No explicit remed...

Ovidentia troubleticketsModule 7.6 - Remote File Inclusion

No description provided by source...

Ovidentia maillist Module 4.0 - Remote File Inclusion

Not for kiddies! Download: http://www.ovidentia.org/index.php?tg=fileman&sAction=getFile&id=17&gr=Y&path=Downloads%2FAdd-ons%2FModules%2Fmaillist&file=maillist-4-0.zip&idf=794 PoC: maillist-4-0/programs/mlincl.php line 4 ------------------------------------------------------------------------...

Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit

Exploit for php platform in category web applications Not for kiddies! Download: http://www.ovidentia.org/index.php?tg=fileman&sAction=getFile&id=17&gr=Y&path=Downloads%2FAdd-ons%2FModules%2Fmaillist&file=maillist-4-0.zip&idf=794 PoC: maillist-4-0/programs/mlincl.php line 4...

Ovidentia Captcha (Version 0.7) Module Remote File Inclusion Vulnerability

Exploit for php platform in category web applications Title: Ovidentia Module Captcha Version 0.7 Remote File Inclusion Author: GoLdM Download: http://www.ovidentia.org/modules/babArticle731 PoC : \captcha-0-7\programs\captcha.class.php ------------------------------------------------------...

Ovidentia newsletter Module 2.2 - (admin.php) Remote File Inclusion Exploit

Exploit for php platform in category web applications Title: Ovidentia Module newsletter 2.2 admin.php Remote File Inclusion Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

Ovidentia NewsLetter Module 2.2 - 'admin.php' Remote File Inclusion

Title: Ovidentia Module newsletter 2.2 admin.php Remote File Inclusion Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

Ovidentia NewsLetter Module 2.2 - admin.php Remote File Inclusion

Ovidentia NewsLetter Module 2.2 - admin.php Remote File Inclusion Title: Ovidentia Module newsletter 2.2 admin.php Remote File Inclusion Exploit Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions

Title: Ovidentia Module bulletindoc 2.9 Multiple Remote File Inclusion Vulnerabilities Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

Ovidentia bulletindoc 2.9 Remote File Inclusion

Title: Ovidentia Module bulletindoc 2.9 Multiple Remote File Inclusion Vulnerabilities Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...