
48 matches found

Prion
added 2019/01/24 3:29 p.m. | 18 views

Cross site scripting

An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter...

CVSS 4.3 | AI score 6.1 | EPSS 0.00223
Exploits: 1 | References: 2 | Affected Software: 1
UbuntuCve
added 2019/01/24 3:29 p.m. | 18 views

CVE-2019-6777

An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter...

CVSS 6.1 | AI score 6.9 | EPSS 0.00223
Exploits: 1 | References: 4
Prion
added 2018/12/24 4:29 a.m. | 9 views

Authentication flaw

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass authentication by leveraging a non-empty wechatcommonmemberwechatmp to gain login access to an account via a plugin.php ac=wxregister request (the attacker does not have control over which account will be accessed)...

CVSS 6.8 | AI score 8.3 | EPSS 0.00284
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2018/12/24 4:29 a.m. | 9 views

CVE-2018-20423

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string...

CVSS 8.1 | AI score 8.1 | EPSS 0.00297
Exploits: 1 | References: 1
Prion
added 2018/12/24 4:29 a.m. | 12 views

Design/Logic Flaw

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to delete the common_member_wechatmp data structure via an ac=unbindmp request to plugin.php...

CVSS 5.8 | AI score 5.8 | EPSS 0.00156
Exploits: 1 | References: 1 | Affected Software: 1
Prion
added 2018/12/24 4:29 a.m. | 10 views

Design/Logic Flaw

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string...

CVSS 6.8 | AI score 8 | EPSS 0.00297
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2018/12/24 4:0 a.m. | 11 views

CVE-2018-20422

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass authentication by leveraging a non-empty wechatcommonmemberwechatmp to gain login access to an account via a plugin.php ac=wxregister request (the attacker does not have control over which account will be accessed)...

AI score 8.4 | EPSS 0.00284
Exploits: 1 | References: 1
CVE
added 2018/12/24 4:0 a.m. | 43 views

CVE-2018-20424

Discuz! DiscuzX 3.4 is vulnerable when WeChat login is enabled: a remote attacker can delete the common_member_wechatmp data structure by sending ac=unbindmp to plugin.php. This is documented in CVE-2018-20424 and CNVD-2018-26767, noting a remote deletion impact. The provided sources do not inclu...

CVSS 5.9 | AI score 5.8 | EPSS 0.00156
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2018/12/24 4:0 a.m. | 9 views

CVE-2018-20424

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to delete the common_member_wechatmp data structure via an ac=unbindmp request to plugin.php...

AI score 5.8 | EPSS 0.00156
Exploits: 1 | References: 1
seebug.org
added 2017/12/04 12:0 a.m. | 196 views

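TPshop Backend Code Execution Vulnerability

0x01 Description: TPshop, an open-source online store system (short for Thinkphp shop), is a multi-merchant store system developed by Shenzhen Soubao Network Co., Ltd. It is suited to businesses and individuals who want to build a customised online store quickly. It includes a PC site, an iOS client, an Android client and a WeChat micro-store. The PC site and admin backend are cross-platform open-source software built on the ThinkPHP5 MVC architecture; the design is very flexible, with a modular architecture and a rich feature set, and it integrates easily with third-party application systems. Download: http://www.tp-shop.cn/Index/Index/download.html Approximate directory structure ├─index.p...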

AI score 7.1
Exploits: 0
Cvelist
added 2017/01/03 6:34 a.m. | 17 views

CVE-2016-10105

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence...

AI score 9.3 | EPSS 0.00806
Exploits: 0 | References: 4
CVE
added 2016/12/30 7:8 a.m. | 46 views

CVE-2016-10083

CVE-2016-10083 affects Piwigo (admin/plugin.php) up to version 2.8.3. The vulnerability is a Cross-site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in a specific error case. The public records in the connected ...

CVSS 6.1 | AI score 6 | EPSS 0.00343
Exploits: 0 | References: 3 | Affected Software: 1
wpexploit
added 2014/05/28 12:0 a.m. | 14 views

WooCommerce Swipe <= 2.7.1 - Unauthenticated Reflected XSS

The last time it was checked the plugin was still affected and had been closed. http://www.example.com/wp-content/plugins/swipehq–payment–gateway–woocommerce/test-plugin.php?apiurl=apiurl%27%3E%3Cscript%3Ealert%284%29%3C/script%3E...

CVSS 4.3 | AI score 1.8 | EPSS 0.04411
Exploits: 2 | References: 1
Prion
added 2012/10/24 5:55 p.m. | 12 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin before 1.5.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify the developer name via the wlcms_o_developer_name parameter in a save action to...

CVSS 6.8 | AI score 6.6 | EPSS 0.01308
Exploits: 6 | References: 6 | Affected Software: 1
CVE
added 2012/10/24 10:0 a.m. | 54 views

CVE-2012-5388

CVE-2012-5388 is an XSS vulnerability in the White Label CMS plugin for WordPress (wlcms-plugin.php) version 1.5. It allows remote authenticated administrators to inject arbitrary web script or HTML via the wlcms_o_developer_name parameter during a save action to wp-admin/admin.php. This is relat...

CVSS 3.5 | AI score 5.5 | EPSS 0.00845
Exploits: 6 | References: 5 | Affected Software: 1
Patchstack
added 2012/10/15 12:0 a.m. | 14 views

WordPress White Label CMS Plugin <= 1.5 - XSS

Because of this vulnerability in wlcms-plugin.php, authenticated administrators can inject arbitrary web script or HTML via the "wlcms_o_developer_name" parameter. Solution: Update the plugin...

CVSS 3.5 | AI score 2.1 | EPSS 0.00845
Exploits: 6 | References: 1 | Affected Software: 1
0day.today
added 2012/06/02 12:0 a.m. | 13 views

Membris v 2.0.1 Sql \ XSS & File Disclosure Vulnerabilities

Exploit for php platform in category web applications Exploit:Membris v 2.0.1 Sql \ XSS & File Disclosure Vulnerabilities Google Dork: Powered by Membris v 2.0.1 Date: Dr.abolalh Author:01/06/2012 E-Mail: email protected Software Link: http://scripts.toocharger.com/fiches/scripts/membris/5258.htm...

AI score 7.1
Exploits: 0
seebug.org
added 2011/12/12 12:0 a.m. | 17 views

PHPCMS V9 (plugin.php) Local File Inclusion Vulnerability

Because the file /plugin.php does not filter user-submitted variables, a local file inclusion vulnerability arises. The relevant code is as follows: File plugin.php: if(isset($_GET['id'])) { list($identification, $filename, $action) = explode('-', $_GET['id']); $filename = !empty($filename) ? $filename : $identification; $action = !empty($action) ? $action : 'init'; $cache = getcache($identification,'plugins');...

AI score 7.1
Exploits: 0
UbuntuCve
added 2011/09/21 4:55 p.m. | 22 views

CVE-2011-3356

Multiple cross-site scripting (XSS) vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to (1) manageconfigemailpage.php, (2) manageconfigworkflowpage.php, or (3) bugs/plugin.php...

CVSS 4.3 | AI score 5.9 | EPSS 0.00825
Exploits: 1 | References: 4
Prion
added 2011/09/21 4:55 p.m. | 12 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in configdefaultsinc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO, as demonstrated by the PATHINFO to (1) manageconfigemailpage.php, (2) manageconfigworkflowpage.php, or (3) bugs/plugin.php...

CVSS 4.3 | AI score 5.9 | EPSS 0.00825
Exploits: 1 | References: 16 | Affected Software: 1