CVE-2018-25397

PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administrative users by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that automatically submits POST...

CVE-2018-25397 PHP-SHOP 1.0 Cross-Site Request Forgery via users.php

PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administrative users by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that automatically submits POST...

PHP-SHOP 跨站请求伪造漏洞

PHP-SHOP is an online shopping system developed by joeyrush, based on PHP. Version 1.0 of PHP-SHOP has a cross-site request forgeing vulnerability. This vulnerability stems from the lack of verification of the request source, which may allow unauthenticated attackers to add administrative users...

CVE-2019-25507

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-based SQL injection t...

EUVD-2008-5619

Malware in sbrugna...

EUVD-2008-4859

Malware in sbrugna...

EUVD-2008-4858

Malware in sbrugna...

EUVD-2008-6266

Malware in sbrugna...

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip Version:...

PHP-SHOP Master 1.0 Cross Site Request Forgery

Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip Version: 1.0 Tested on: Windows 10 CVE: N/A...

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip Version: 1.0 Tested on: Windows 10 CVE: N/A...

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add Admin)

PHP-SHOP master 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link:...

PHP Shop 2.0 SQL Injection

Exploit Title : phpshop 2.0 SQL Injection Vulnerability Author : By onestree Software Link : http://code.google.com/p/phpshop/downloads/list tested : windows 7 / ubuntu Dork : inurl:"tanyakan pada rumput yang bergoyang" SQLi p0c: ================== http://localhost/phpshop...

CVE-2008-6296

admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo."...

CVE-2008-6296

CVE-2008-6296 affects admin.php in Maran PHP Shop. The vulnerability allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to “demo.” This is evidenced in sources like NVD (base score 7.5, HIGH) and corroborated by multiple listings. The connec...

CVE-2008-6296

admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo."...

CVE-2008-5648

SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the adminusername parameter. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the adminusername parameter. NOTE: some of these details are obtained from third party information...

CVE-2008-5648

SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the adminusername parameter. NOTE: some of these details are obtained from third party information...

CVE-2008-5648

DeltaScripts PHP Shop 1.0 is vulnerable to SQL injection in admin/login.php via the admin_username parameter. The underlying issue is an unsafely handled input that allows remote attackers to modify the SQL executed by the application, enabling arbitrary SQL commands. This vulnerability is docume...