CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploit for php platform in category web applications WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting Vulnerability Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Portrait-Archiv.com Photostore 5.0.4 Portrait-Archiv.com is prone to a reflected...

7.4AI score

Exploits0

Patchstack•added 2019/09/04 12:0 a.m.•6 views

WordPress Portrait-Archiv.com Photostore plugin <= 3.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress Portrait-Archiv.com Photostore plugin versions = 3.1 Solution 8 Sep 2019 - we were unable to find a patched version of this plugin...

2.2AI score

Exploits0References1Affected Software1

Packet Storm•added 2019/09/03 12:0 a.m.•231 views

WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Portrait-Archiv.com Photostore 5.0.4 Portrait-Archiv.com is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execut...

7AI score

Exploits0

WPVulnDB•added 2019/09/03 12:0 a.m.•11 views

Portrait-Archiv.com Photostore <= 3.1 - Unauthenticated Reflected XSS

The 'pDetails' GET parameter from the js/imageDetails.php was vulnerable to an unauthenticated reflected XSS attack. PoC http://www.example.com/wp-content/plugins/portrait-archiv-shop/js/imageDetails.php?pDetails=;;alert"XSS"...

1.2AI score

Exploits0References2Affected Software1

wpexploit•added 2019/09/03 12:0 a.m.•11 views

Portrait-Archiv.com Photostore <= 3.1 - Unauthenticated Reflected XSS

The 'pDetails' GET parameter from the js/imageDetails.php was vulnerable to an unauthenticated reflected XSS attack. http://www.example.com/wp-content/plugins/portrait-archiv-shop/js/imageDetails.php?pDetails=;;alert"XSS"...

1.6AI score

Exploits0References2

OSV•added 2017/04/12 10:59 p.m.•1 views

CVE-2016-4337

SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recoverlogin action...

9.8CVSS6.1AI score0.02724EPSS

Exploits5References2

NVD•added 2017/04/12 10:59 p.m.•11 views

CVE-2016-4337

9.8CVSS9.9AI score0.02724EPSS

Exploits5References2

Prion•added 2017/04/12 10:59 p.m.•8 views

Sql injection

7.5CVSS9AI score0.02724EPSS

Exploits5References2Affected Software1

Cvelist•added 2017/04/12 10:0 p.m.•24 views

CVE-2016-4337

10AI score0.02724EPSS

Exploits5References2

CVE•added 2017/04/12 10:0 p.m.•44 views

CVE-2016-4337

CVE-2016-4337 affects Ktools Photostore prior to 4.7.5. The vulnerability is a SQL injection in the admin password-recovery flow (mgr.login.php, recover_login action) that allows remote attackers to execute arbitrary SQL via the email parameter. Publicly documented as a pre-authentication, blind ...

9.8CVSS9.9AI score0.02724EPSS

Exploits5References2Affected Software1

exploitpack•added 2016/07/04 12:0 a.m.•32 views

Ktools Photostore 4.7.5 - Multiple Vulnerabilities

Ktools Photostore 4.7.5 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ktools Photostore = 4.7.5 Multiple Vulnerabilities Bug discovered by Yakir Wizman Date 01/07/2016 Affected versions prior to 4.7.5 Vendor Homepage - http://www.ktools.net...

0.2AI score

Exploits0

seebug.org•added 2016/07/04 12:0 a.m.•16 views

Ktools Photostore 4.7.5 - Blind SQL Injection

No description provided by source...

7.1AI score

Exploits0

Exploit DB•added 2016/07/04 12:0 a.m.•41 views

Ktools Photostore 4.7.5 - Multiple Vulnerabilities

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ktools Photostore = 4.7.5 Multiple Vulnerabilities Bug discovered by Yakir Wizman Date 01/07/2016 Affected versions prior to 4.7.5 Vendor Homepage - http://www.ktools.net -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Author wil...

7.4AI score

Exploits0

0day.today•added 2016/07/04 12:0 a.m.•200 views

Ktools Photostore 4.7.5 - Multiple Vulnerabilities

Exploit for php platform in category web applications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ktools Photostore = 4.7.5 Multiple Vulnerabilities Bug discovered by Yakir Wizman Date 01/07/2016 Affected versions prior to 4.7.5 Vendor Homepage - http://www.ktools.net...

7.1AI score

Exploits0

CNVD•added 2016/07/01 12:0 a.m.•3 views

Ktools Photostore SQL Injection Vulnerability

Ktools Photostore is the American Ktools company's set of professional photo gallery-like shopping cart software dedicated to selling pictures and other artwork online. A SQL injection vulnerability exists in Ktools Photostore versions prior to 4.7.5. An attacker can exploit this vulnerability to...

9.8CVSS8.4AI score0.02724EPSS

Exploits5References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by