1161 matches found
FS Stackoverflow Clone SQL Injection Vulnerability
FS Stackoverflow Clone is a set of PHP-based scripts for online Q&A sites. A SQL injection vulnerability exists in FS Stackoverflow Clone version 1.0. A remote attacker can exploit this vulnerability to inject SQL commands...
PHP Scripts Mall Multireligion Responsive Matrimonial SQL Injection Vulnerability
PHP Scripts Mall Multireligion Responsive Matrimonial is a set of PHP based matrimonial dating website scripts by PHP Scripts Mall India. PHP Scripts Mall Multireligion Responsive Matrimonial version 4.7.2 suffers from a SQL injection vulnerability. A remote attacker can exploit this vulnerabilit...
PHP Scripts Mall Responsive Realestate Script SQL Injection Vulnerability
PHP Scripts Mall Responsive Realestate Script is a PHP and MySQL based real estate sales website script by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Responsive Realestate Script version 3.2. A remote attacker can exploit this vulnerability by sending the...
PHP Scripts Mall Secure E-commerce Script SQL Injection Vulnerability
PHP Scripts Mall Secure E-commerce Script is a set of PHP based e-commerce website scripts from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Secure E-commerce Script version 2.0.1. A remote attacker can inject SQL into the category.php file by sending the...
PHP Scripts Mall Multivendor Penny Auction Clone Script SQL Injection Vulnerability
PHP Scripts Mall Multivendor Penny Auction Clone Script is a PHP based online auction website script from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Multivendor Penny Auction Clone Script version 1.0. A remote attacker can exploit this vulnerability to inject...
PHP Scripts Mall Kickstarter Clone Script SQL Injection Vulnerability
PHP Scripts Mall Kickstarter Clone Script is a set of PHP based scripts for crowdfunding websites by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Kickstarter Clone Script version 2.0. A remote attacker can exploit the vulnerability by sending the 'projid'...
PHP Scripts Mall Facebook Clone Script SQL Injection Vulnerability
PHP Scripts Mall Facebook Clone Script is a set of PHP based social networking site scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Facebook Clone Script version 1.0. The vulnerability can be exploited by remote attackers to inject SQL commands by sendi...
PHP Scripts Mall Chartered Accountant Booking Script SQL Injection Vulnerability
PHP Scripts Mall Chartered Accountant Booking Script is a PHP and MySQL based online search and booking script for accountants by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Chartered Accountant Booking Script version 1.0. A remote attacker can exploit the...
PHP Scripts Mall E-commerce MLM Software SQL Injection Vulnerability
PHP Scripts Mall E-commerce MLM Software is a PHP based e-commerce online marketing system from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall E-commerce MLM Software version 1.0. A remote attacker can inject SQL into the PHP Scripts Mall E-commerce MLM Software...
PHP Scripts Mall Entrepreneur Bus Booking Script SQL Injection Vulnerability
PHP Scripts Mall Entrepreneur Bus Booking Script is a PHP based online bus booking management system from PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Entrepreneur Bus Booking Script version 3.0.4. The vulnerability can be exploited by a remote attacker to inje...
PHP Scripts Mall Food Order Script SQL Injection Vulnerability
PHP Scripts Mall Food Order Script is a set of PHP based online review and feedback scripts for hotels, restaurants by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Food Order Script version 1.0. A remote attacker can exploit this vulnerability by sending the...
Nice PHP FAQ Script - 'nice_theme' SQL Injection
Exploit Title: Nice PHP FAQ Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.nicephpscripts.com/ Software http://www.nicephpscripts.com/demophpscript-PHP-FAQ-Script-Knowledgebase-Script.htm Demo: http://www.nicephpscripts.com/scripts/faqscript/ Version: N/A Category:...
Attackers Use Undocumented MS Office Feature to Leak System Profile Data
An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by...
PHP Scripts Theater Management Script 3.1.5 SQL Injection
Exploit Title: PHP Scripts - Theater Management Script - SQL Injection Dork: inurl:show-time.php?moid= Date: 18.08.2017 Vendor Homepage : http://www.exclusivescript.com/product/8o2b4417538/php-scripts/theater-management-script Version: 3.1.5 Category: Webapps Tested on: WiN10x64 / KaLiLinuxx64 CV...
CVE-2017-11154
Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter...
CVE-2015-3640
phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scripts by injecting scripts via the pat...
CVE-2015-3640
phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory on the target system to inject and execute arbitrary PHP scripts by injecting scripts via the pat...
Hotel Booking Script 1.0 - SQL Injection
Exploit Title: Hotel & Tour Package Script v1.0 - SQL Injection Google Dork: N/A Date: 26.03.2017 Vendor Homepage: http://eagletechnosys.com/ Software: http://www.eaglescripts.com/hotel-booking-script Demo: http://hotelbooking.phpscriptsdemo.com/ Version: 1.0 Tested on: Win7 x64, Kali Linux x64...
F5 Networks BIG-IP : PHP vulnerability (K64412100)
Multiple integer overflows in the mbflstrcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted mbstrcut call...
New RCE Flaws Found in Samsung Smartcam
UPDATE At DEFCON 22 in 2014, researchers demonstrated hacks against the Samsung Smartcam that allowed an attacker to remotely take over the device. Samsung’s reaction at the time was to remove the web interface enabling the attack rather than patch the code in question. The Exploitee.rs, formerly...