6 matches found
PHP 5.6.x < 5.6.3 donote DoS
According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.3. It is, therefore, affected by an out-of-bounds read error in the function 'donote' within the file 'ext/fileinfo/libmagic/readelf.c' that could allow application crashes. Note that the scanner has no...
Microweber v1.0.3 Stored XSS And CSRF Add Admin Exploit
Exploit for php platform in category web applications. Microweber v1.0.3 Stored XSS And CSRF Add Admin Exploit inp...
WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit
Exploit for php platform in category web applications. WordPress MiwoFTP Plugin 1.0.5 CSRF Arbitrary File Deletion Exploit. Vendor: Miwisoft LLC. Product web page: http://www.miwisoft.com. Affected version: 1.0.5. Summary: MiwoFTP is a smart, fast and lightweight file manager plugin that operates from...
Balero CMS 0.7.2 Cross Site Scripting / SQL Injection Vulnerabilities
Balero CMS version 0.7.2 suffers from cross site scripting and SQL injection vulnerabilities. document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: input type="hidden" name="content" value...
u5CMS 3.9.3 - Multiple SQL Injections
u5CMS 3.9.3 Multiple SQL Injection Vulnerabilities. Vendor: Stefan P. Minder. Product web page: http://www.yuba.ch. Affected version: 3.9.3 and 3.9.2. Summary: u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress /...
u5CMS 3.9.3 Open Redirect
u5CMS 3.9.3 Multiple Open Redirect Vulnerabilities. Vendor: Stefan P. Minder. Product web page: http://www.yuba.ch. Affected version: 3.9.3 and 3.9.2. Summary: u5CMS is a little, handy Content Management System for medium-sized websites, conference / congress / submission administration, review...