Victor CMS SQL注入漏洞

Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS has a SQL injection vulnerability. This vulnerability stems from post parameters that allow SQL injections, which may enable unverified attackers to manipulate database queries,...

EUVD-2018-2771

Malware in sbrugna...

CVE-2021-24322

The Database Backup for WordPress plugin before 2.4 did not escape the backuprecipient POST parameter in before output it back in the attribute of an HTML tag, leading to a Stored Cross-Site Scripting issue...

CVE-2025-32984

NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting XSS via a certain POST parameter...

CVE-2024-40069

Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting XSS via idgenerator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'...

CVE-2024-39759

Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A comman...

CVE-2024-39761

Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities.A comman...

CVE-2024-39759

CVE-2024-39759 affects the Wavlink AC3000 M33A8.V5030.210505 router, where multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() function. The root cause is improper handling of input in the restart_hour_value (and related) POST parameters, which can be invoked by un...

Victor CMS 1.0 - (add_user) Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Victor CMS 1.0 - 'adduser' Persistent Cross-Site Scripting Exploit Author: Nitya Nand Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1....

Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting

Exploit Title: Victor CMS 1.0 - 'adduser' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-23 Exploit Author: Nitya Nand Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Linux C...

Sql injection

An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST paramet...