966 matches found
CVE-2018-13316
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter...
CVE-2018-13307
System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ntpServerIp2" POST parameter. Certain payloads cause the device to become permanently inoperable...
Command injection
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter...
CVE-2018-13311
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter...
CVE-2018-19204
PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker with read-write privileges to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport' is mishandled. The attacker can...
Wikidforum 2.20 - Cross-Site Scripting
Wikidforum 2.20 - Cross-Site Scripting Exploit Title: Wikidforum 2.20 - Cross-Site Scripting Date: 2018-10-10 Exploit Author: Amir Hossein Mahboubi Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
Wikidforum 2.20 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wikidforum 2.20 - Cross-Site Scripting Exploit Author: Amir Hossein Mahboubi Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
Wikidforum 2.20 - Cross-Site Scripting
Exploit Title: Wikidforum 2.20 - Cross-Site Scripting Date: 2018-10-10 Exploit Author: Amir Hossein Mahboubi Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link: https://sourceforge.net/projects/wikidforum/files/Wikidforum-com-ed.2.20.zip/download Version:...
Wikidforum 2.20 select_sort SQL Injection
Exploit Title: Wikidforum 2.20 - 'selectsort' SQL Injection Date: 2018-10-08 Exploit Author: Seccops - Siber GA1/4venlik Hizmetleri https://seccops.com Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
IBM: Reflected XSS and Blind out of band command injection at subdomain dstuid-ww.dst.ibm.com
I found an XSS and Blind OS based injection issue due to the incorrect handling of the characters in THE EMAIL get& post parameters. A injected and a sleep command succesfully executed, the following link works as a PoC that alerts the string in the script: I reproduced the same on Firefox and IE...
Zomato: [www.zomato.com] SQLi - /php/██████████ - item_id
Thanks @gerbenjavado for helping us keep @zomato secure : Thanks to the entire @Zomato team for doing this challenge. Its a pleasure to be back in the bug bounty game after a while. Introduction So I managed to find SQLi on https://www.zomato.com/php/██████████ in the POST parameter itemid...
ShopsN open source online store system adHandle function there are SQL injection vulnerabilities
ShopsN free version of the B2C e-commerce is a product of Shanghai Yisu Network Technology Co., Ltd. a full-featured enterprise-class commercial standards in line with the real allow free commercial use of open source online store full network system. ShopsN 2.3.3 official version of the adHandle...
CVE-2016-6566
The valueAsString parameter inside the JSON payload contained by the ucLogintxtLoginIdClientStat POST parameter of the Sungard eTRAKiT3 software version 3.2.1.17 is not properly validated. An unauthenticated remote attacker may be able to modify the POST request and insert a SQL query which may...
CVE-2016-6545 iTrack Easy does not use session cookies to maintain sessions and POSTs the users password over HTTPS for each request
Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password is passed as a POST parameter over HTTPS using a base64 encoded passwd field on every request. In this implementation, sessions can only be terminated when the user changes the associated password...
ASUSTOR SoundsGood Application Cross-Site Scripting Vulnerability
SUSTOR SoundsGood is a web-based audio/video playback application from ASUSTOR for use on ASUSTOR NAS storage systems. A cross-site scripting vulnerability exists in the playlistmanger.cgi file in the ASUSTOR SoundsGood application. A remote attacker can exploit the vulnerability by injecting...
Cross site scripting
A persistent cross site scripting vulnerability in playlistmanger.cgi in the ASUSTOR SoundsGood application allows attackers to store cross site scripting payloads via the 'playlist' POST parameter...
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution Exploit
Exploit for multiple platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution', 'Description' = %q This...
Server side request forgery (ssrf)
EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...
Path traversal
An issue was discovered in Reprise License Manager 11.0. This vulnerability is a Path Traversal where the attacker, by changing a field in the Web Request, can have access to files on the File System of the Server. By specifying a pathname in the POST parameter "lf" to the goform/editlfgetdata UR...
CVE-2018-5716
CVE-2018-5716 affects Reprise License Manager 11.0. A Path Traversal flaw allows an attacker to specify a pathname in the POST parameter LF to the goform/edit_lf_get_data URI, enabling retrieval of arbitrary files from the server’s filesystem. This impacts confidentiality and integrity of the ser...