6 matches found
PT-2024-35751 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA version 3.2.0 Description: The issue concerns multiple stored cross-site scripting XSS vulnerabilities in the /configuracao/meio pagamento.php component. Attackers can execute arbitrary web scripts or HTML via a crafted payload injected...
Cross site scripting
Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "configurationtitle1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...
PlayTube 3.0.1 Information Disclosure Vulnerability
Exploit Title: PlayTube 3.0.1 - Redirect Information Disclosure Exploit Author: CraCkEr Vendor: PlayTube Vendor Homepage: https://playtubescript.com/ Software Link: https://demo.playtubescript.com/ Tested on: Windows 10 Pro Impact: Sensitive Information Leakage CVE: CVE-2023-4714 CWE: CWE-200 -...
代码审计系列5: PHPYUN多个问题(涉及CSRF、XSS)
简要描述: 这个程序较大,客户较多,出现这种问题影响也比较大。 详细说明: 由于整个程序的后台与后端的数据交互都没有对CSRF做防范,导致这程序后台面临着巨大的威胁。 另外还存在着诸多的XSS漏洞。 受影响较严重的功能: 系统管理 基础配置 网站配置 系统管理 基础配置 支付配置 系统管理 基础配置 管理员配置 系统管理 基础配置 导航配置 运营管理 运营管理 后台充值 运营管理 运营管理 短信群发 PS: 对于金钱相关的事儿,黑客们应该比较感兴趣吧 漏洞证明: 下面利用CSRF插入XSS的例子来说明一下。 首先定位: 运营管理 运营管理 友情链接 这里的过滤并不完善,可以完全绕开。...
ShopEx API injection vulnerability-vulnerability warning-the black bar safety net
Detailed description The defect file: \core\api\payment\2.0\apib2b20paymentcfg.php core\api\payment\1.0\apib2b20paymentcfg.php Section 4 row 4 $data'columns' do not filter lead injection REF: http://www.cnseay.com/3237/ Vulnerability hazard The administrator password can be used by hackers to get...
shopEx the latest version of the API injection vulnerability analysis attached to the use of the exp-bug warning-the black bar safety net
The defect file: \core\api\payment\2.0\apib2b20paymentcfg.php core\api\payment\1.0\apib2b20paymentcfg.php Section 4 row 4 $data'columns' do not filter lead injection Packed sentence of ShopEx to the API operation the module does not do authentication, any user can access,the attacker can be to th...