PHPSUGAR PHP Melody 跨站脚本漏洞

PHPSUGAR PHP Melody is a content management system developed by PHPSUGAR Corporation. The PHPSUGAR PHP Melody 3.0 version has a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting vulnerability present in the video editor, which could allow privileg...

PHPSUGAR PHP Melody 跨站脚本漏洞

PHPSUGAR PHP Melody is a content management system developed by PHPSUGAR. The PHPSUGAR PHP Melody 3.0 version has a cross-site scripting vulnerability. This vulnerability stems from the submitted parameter in the edit-video.php file, which has a persistent cross-site scripting vulnerability. This...

PHPSUGAR PHP Melody SQL注入漏洞

PHPSUGAR PHP Melody is a content management system developed by PHPSUGAR. Version 3.0 of PHPSUGAR PHP Melody contains an SQL injection vulnerability. This vulnerability stems from the vid parameter in the video editing module, which has a remote SQL injection vulnerability. This could allow...

EUVD-2017-7030

Malware in sbrugna...

EUVD-2017-6550

Malware in sbrugna...

EUVD-2017-7031

Malware in sbrugna...

EUVD-2017-7099

Malware in sbrugna...

phpsugar.com XSS vulnerability

Open Bug Bounty ID: OBB-457739 Description| Value ---|--- Affected Website:| phpsugar.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...

PHP Melody 2.6.1 - SQL Injection

PHP Melody 2.6.1 - SQL Injection + Author : Venkat Rajgor + Email : [email protected] + Vulnerability : SQL injection E-mail ID : [email protected] Download : http://www.phpsugar.com Web : http://www.phpsugar.com Price : $39 USD Vulnerable parameter: http://x.x.x.x/playlists.php?playlist=...

PHP Melody 2.6.1 - SQL Injection

Author : Venkat Rajgor + Email : [email protected] + Vulnerability : SQL injection E-mail ID : [email protected] Download : http://www.phpsugar.com Web : http://www.phpsugar.com Price : $39 USD Vulnerable parameter: http://x.x.x.x/playlists.php?playlist= Application : PHPSUGAR PHP Melody...

Sql injection

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php...

CVE-2017-15081

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php...

CVE-2017-15081

CVE-2017-15081 : In PHPSUGAR PHP Melody CMS 2.6.1, there is a SQL Injection in the parameter playlist of playlists.php. The vulnerability is demonstrated in public exploit listings (e.g., payloads showing UNION-based injections) and CNVD/CVE records describe that an attacker can inject SQL to acc...

CVE-2017-15081

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php...

CVE-2017-15648

In PHPSUGAR PHP Melody before 2.7.3, pagemanager.php has XSS via the pagetitle parameter...

CVE-2017-15648

In PHPSUGAR PHP Melody before 2.7.3, pagemanager.php has XSS via the pagetitle parameter...

CVE-2017-15648

CVE-2017-15648 : In PHPSUGAR PHP Melody before 2.7.3, the file page_manager.php is vulnerable to XSS via the page_title parameter . Affected software: PHPSUGAR PHP Melody versions preceding 2.7.3. Root cause: improper handling/escaping of user-supplied input in page_title leading to script inject...

CVE-2017-15578

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/editcategory.php...

Sql injection

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/editcategory.php...

CVE-2017-15579

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aapagesperpage cookie in a playlist action to watch.php...