PHP Scripts Mall Lawyer Search Script SQL Injection Vulnerability

PHP Scripts Mall Lawyer Search Script is a set of PHP based law firm management scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Lawyer Search Script version 1.1. A remote attacker can exploit this vulnerability by sending the 'city' parameter to...

PHP Scripts Mall Facebook Clone Script SQL Injection Vulnerability

PHP Scripts Mall Facebook Clone Script is a set of PHP based social networking site scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Facebook Clone Script version 1.0. The vulnerability can be exploited by remote attackers to inject SQL commands by sendi...

PHP Scripts Mall Entrepreneur Bus Booking Script SQL Injection Vulnerability

PHP Scripts Mall Entrepreneur Bus Booking Script is a PHP based online bus booking management system from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Entrepreneur Bus Booking Script version 3.0.4. The vulnerability can be exploited by a remote attacker to inje...

PHP Scripts Mall E-commerce MLM Software SQL Injection Vulnerability

PHP Scripts Mall E-commerce MLM Software is a PHP based e-commerce online marketing system from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall E-commerce MLM Software version 1.0. A remote attacker can inject SQL into the PHP Scripts Mall E-commerce MLM Software...

PHP Scripts Mall Multireligion Responsive Matrimonial SQL Injection Vulnerability

PHP Scripts Mall Multireligion Responsive Matrimonial is a set of PHP based matrimonial dating website scripts by PHP Scripts Mall India. PHP Scripts Mall Multireligion Responsive Matrimonial version 4.7.2 suffers from a SQL injection vulnerability. A remote attacker can exploit this vulnerabilit...

FS Stackoverflow Clone SQL Injection Vulnerability

FS Stackoverflow Clone is a set of PHP-based scripts for online Q&A sites. A SQL injection vulnerability exists in FS Stackoverflow Clone version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands...

PHP Scripts Mall MLM Forced Matrix SQL Injection Vulnerability

PHP Scripts Mall MLM Forced Matrix is a set of PHP based online marketing website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall MLM Forced Matrix version 2.0.9. A remote attacker can exploit the vulnerability by sending the 'newid' parameter to the...

PHP Scripts Mall Chartered Accountant Booking Script SQL Injection Vulnerability

PHP Scripts Mall Chartered Accountant Booking Script is a PHP and MySQL based online search and booking script for accountants by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Chartered Accountant Booking Script version 1.0. A remote attacker can exploit the...

PHP Scripts Mall Secure E-commerce Script SQL Injection Vulnerability

PHP Scripts Mall Secure E-commerce Script is a set of PHP based e-commerce website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Secure E-commerce Script version 2.0.1. A remote attacker can inject SQL into the category.php file by sending the...

PHP Scripts Mall Kickstarter Clone Script SQL Injection Vulnerability

PHP Scripts Mall Kickstarter Clone Script is a set of PHP based scripts for crowdfunding websites by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Kickstarter Clone Script version 2.0. A remote attacker can exploit the vulnerability by sending the 'projid'...

PHP Scripts Mall Basic B2B Script SQL Injection Vulnerability

PHP Scripts Mall Basic B2B Script is a set of PHP-based B2B2 business-to-business transactional website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Basic B2B Script version 2.0.8. A remote attacker can exploit the vulnerability by sending the 'id'...

Nice PHP FAQ Script - 'nice_theme' SQL Injection

Exploit Title: Nice PHP FAQ Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.nicephpscripts.com/ Software http://www.nicephpscripts.com/demophpscript-PHP-FAQ-Script-Knowledgebase-Script.htm Demo: http://www.nicephpscripts.com/scripts/faqscript/ Version: N/A Category:...

Attackers Use Undocumented MS Office Feature to Leak System Profile Data

An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by...

PHP Scripts Theater Management Script 3.1.5 SQL Injection

Exploit Title: PHP Scripts - Theater Management Script - SQL Injection Dork: inurl:show-time.php?moid= Date: 18.08.2017 Vendor Homepage : http://www.exclusivescript.com/product/8o2b4417538/php-scripts/theater-management-script Version: 3.1.5 Category: Webapps Tested on: WiN10x64 / KaLiLinuxx64 CV...

CVE-2017-11154

Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter...

CVE-2015-3640

phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scripts by injecting scripts via the pat...

CVE-2015-3640

phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scripts by injecting scripts via the pat...

Hotel Booking Script 1.0 - SQL Injection

Exploit Title: Hotel & Tour Package Script v1.0 - SQL Injection Google Dork: N/A Date: 26.03.2017 Vendor Homepage: http://eagletechnosys.com/ Software: http://www.eaglescripts.com/hotel-booking-script Demo: http://hotelbooking.phpscriptsdemo.com/ Version: 1.0 Tested on: Win7 x64, Kali Linux x64...

F5 Networks BIG-IP : PHP vulnerability (K64412100)

Multiple integer overflows in the mbflstrcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted mbstrcut call...

New RCE Flaws Found in Samsung Smartcam

UPDATE At DEFCON 22 in 2014, researchers demonstrated hacks against the Samsung Smartcam that allowed an attacker to remotely take over the device. Samsung’s reaction at the time was to remove the web interface enabling the attack rather than patch the code in question. The Exploitee.rs, formerly...