254 matches found
Google Android has an unspecified vulnerability (CNVD-2018-09753)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the Qualcomm SD 845 and SD 850 are central processing unit CPU products from Qualcomm. A security vulnerability exists in the Qualcomm closed-source component in Android, whic...
CVE-2016-10494
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, ...
Integer overflow
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer...
Integer overflow
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, ...
CVE-2015-9118
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer...
CVE-2016-10494
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, ...
CVE-2017-18143
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled...
Code injection
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled...
E-Store 1.0 / 2.0 SQL Injection
Exploit Author: Nawaf Alkeraithe ====================================== for "E-store 1.0": Google Dork: "Powered by: PD" inurl:"page.php?id" Vulnerable page: http://target/page.php?id=SQL Injection ====================================== for "E-store 2.0": Google Dork: "Powered by: PD"...
CVE-2013-0129
Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...
CVE-2013-0129
Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...
CVE-2013-0129
pd-admin before 4.17 is vulnerable to cross-site scripting (XSS) via two vectors: the WebFTP Overview “Create new directory” field and the body of an e-mail autoresponder message. The root cause is improper input handling that allows injection of arbitrary script/HTML. Impact stated across source...
pd-admin contains cross-site scripting vulnerabilities
Overview pd-admin, a web interface for users of hosting providers, is susceptible to cross-site scripting XSS vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' pd-admin, contains cross-site scripting XSS vulnerabilities. The...
PROFESSIONAL DESIGNER - SQL Injection Vulnerability
Exploit for php platform in category web applications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
CultBooking 2.0.4 Multiple Vulnerabilities
Exploit for php platform in category web applications CultBooking 2.0.4 lang Local File Inclusion Vulnerability Vendor: Cultuzz Digital Media GmbH Product web page: http://www.cultuzz.com Affected version: 2.0.4 Summary: Open source hotel booking system Internet Booking Engine IBE. Via a central...
CultBooking 2.0.4 (cultbooking.php) Multiple XSS/PD Vulnerabilities
Summary Open source hotel booking system Internet Booking Engine IBE. Via a central api called CultSwitch it is possible to make bookings and set the actual availabilities in the hotels pms. This is easy to install and easy to integrate with full support. Description CultBooking Hotel Booking...
MantisBT 1.2.3 Cross Site Scripting / Path Disclosure
MantisBT =1.2.3 dbtype Cross-Site Scripting & Path Disclosure Vulnerability Vendor: MantisBT Group Product web page: http://www.mantisbt.org Version affected: 1.2.4 Summary: MantisBT is a free popular web-based bugtracking system. It is written in the PHP scripting language and works with MySQL, ...
CVE-2010-0977
PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb...
CVE-2010-0977
PD PORTAL 4.0 is described as storing sensitive information under the web root with insufficient access control, enabling remote attackers to download the database file db.mdb via a direct request. The available sources confirm this vulnerability pattern but do not provide detailed exploit steps,...