phpEnter 4.2.7 Cross Site Request Forgery

function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://sitename/path/addnews.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"; xhr.setRequestHeader"Accept-Language", "en-US,en;q=0.5"; xhr.setRequestHeader"Content-Type"...

phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post)

function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://sitename/path/addnews.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"; xhr.setRequestHeader"Accept-Language", "en-US,en;q=0.5"; xhr.setRequestHeader"Content-Type"...

phpEnter 4.2.7 - Cross-Site Request Forgery (Add New Post)

phpEnter 4.2.7 - Cross-Site Request Forgery Add New Post function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://sitename/path/addnews.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8";...

CVE-2012-6046

Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter...

Code injection

Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter...

CVE-2012-6046

Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter...

CVE-2012-6046

The CVE-2012-6046 entry concerns a static code injection in admin/banners.php of PHP Enter, allowing remote attackers to inject arbitrary PHP code into horad.php via the code parameter. Connected sources confirm the same description and indicate a high-severity impact (complete confidentiality, i...

PHP Enter 4.1.2 - banners.php PHP Code Injection

PHP Enter 4.1.2 - banners.php PHP Code Injection source: https://www.securityfocus.com/bid/53426/info PHP Enter is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may...

PHP Enter Code Injection

Exploit Title : Php Enter Php Code Injection Author : IrIsT.Ir & Sec4Ever.com Discovered By : L3b-r1'z Home : http://IrIsT.Ir & http://Sec4Ever.com P Blob : http://L3b-r1z.com/ Software Link : http://www.phpenter.net/ Security Risk : High Version : beta Tested on : win\XP Dork : allintext: "Power...

PHP Enter 4.1.2 - 'banners.php' PHP Code Injection

source: https://www.securityfocus.com/bid/53426/info PHP Enter is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the...