CVE-2023-6614 Typecho Page manage-pages.php backdoor

A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The exploit has been disclos...

CVE-2023-6614

CVE-2023-6614 concerns Typecho 1.2.1. The vulnerability affects the file /admin/manage-pages.php in the Page Handler component, where manipulation can lead to a backdoor. Exploitation can be performed remotely, and the public exploit has been disclosed. Multiple references corroborate Typecho 1.2...

Pixelimity cross-site scripting vulnerability

Pixelimity is a PHP-based CMS Content Management System.A cross-site scripting vulnerability exists in Pixelimity version 1.0, which stems from a lack of data validation filtering of user-supplied and output data in the Title field of admin/pages.php. An attacker could exploit the vulnerability t...

Cross site scripting

A stored cross-site scripting XSS vulnerability in Pixelimity 1.0 allows attackers to execute arbitrary web scripts or HTML via the Title field in admin/pages.php?action=addnew...

CVE-2019-12566

The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS in includes/class-wp-statistics-pages.php. This is related to an account with the Editor role creating a post with a title that contains JavaScript, to attack an admin user...

Listing Hub CMS 1.0 - pages.php id SQL Injection

Listing Hub CMS 1.0 - pages.php id SQL Injection Exploit Title: Listing Hub CMS 1.0 - 'pages.php id' SQL Injection Google Dork: inurl:"pages.php?title=privacy-policy" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage:...

CVE-2018-17835

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

CVE-2018-17835

GetSimple CMS 3.3.15 is affected by CVE-2018-17835. The issue is a stored XSS: an administrator can inject malicious payload via the admin/settings.php Custom Permalink Structure parameter, which then contaminates any page created at the admin/pages.php URI. The vulnerability is rooted in imprope...

kandilchandeliers.com XSS vulnerability

Open Bug Bounty ID: OBB-553391 Description| Value ---|--- Affected Website:| kandilchandeliers.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Sql injection

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php florig or fldest parameter...

CVE-2017-17570

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php florig or fldest parameter...

CVE-2017-17570

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php florig or fldest parameter...

CVE-2017-17570

FS Expedia Clone 1.0 is affected by a SQL injection vulnerability in input parameters to pages.php (id), content.php (id) and show-flight-result.php (fl_orig, fl_dest). The issue stems from unsanitized user input in SQL queries, enabling remote attackers to inject commands. Public reports (Exploi...

FS Expedia Clone 1.0 - fl_orig fl_dest id SQL Injection

FS Expedia Clone 1.0 - florig fldest id SQL Injection Exploit Title: FS Expedia Clone 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/expedia-clone/ Demo: http://expedia-clone.demonstration.co.in/ Versio...

dadu.ru XSS vulnerability

Vulnerable URL: http://dadu.ru/www/dadu//site-pages.php?clientid==16"...

Jweb CMS pages.php parameter pageId SQL injection vulnerability

No description provided by source...

Quick CMS 6.1 Cross Site Scripting

FULL DISCLOSURE Product : Quick CMS Exploit Author : Rahul Pratap Singh Version : 6.1 Home page Link : http://opensolution.org/home.html Website : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Date : 19/Jan/2016 XSS Vulnerability:...

CVE-2011-5310

Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...

CVE-2011-5311

CVE-2011-5311 describes a Cross-site request forgery (CSRF) in Wikipad 1.6.0, where requests that modify pages via the data[text] parameter can hijack an administrator’s authenticated session. Affected component: pages.php. Root cause and detailed exploit path are not elaborated beyond the parame...

K9 Kreativity Design (pages.php) SQL Injection Vulnerability

No description provided by source. ========================================================== K9 Kreativity Design pages.php SQL Injection Vulnerability ========================================================== + K9 Kreativity Design pages.php SQL Injection Vulnerability + By NewbieCampuz +...