136 matches found
CVE-2009-5043
burn allows file names to escape via mishandled quotation marks...
CVE-2009-5043
Technical details for CVE-2009-5043 are not publicly available in the provided connected documents. No affected products, versions, or remediation are specified here; monitor for updated advisories.
SQL Injection Vulnerability in Kaixin Quote System V2.0
Qixing Quotation System V2.0 is a general management system developed for material quotations. The Qixing Quotation System V2.0 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
Unauthorized Download Vulnerability in Kaixin Quote System
Qixing Quotation System V2.0 is a general management system developed for material quotations. Unauthorized download vulnerability exists in the Qixing Quotation System, which can be exploited by an attacker to obtain sensitive information by unauthorized downloading of sensitive files...
Fedora 30 : filezilla / libfilezilla (2019-7b9af09b17)
Bugfixes, and a security fix: Fixed vulnerabilities : Filenames containing double-quotation marks were not escaped correctly when selected for opening/editing. Depending on the associated program, parts of the filename could be interpreted as commands. Note that Tenable Network Security has...
EasyService Billing Cross-Site Request Forgery Vulnerability
EasyService Billing is a PHP-based service-oriented consumer business management system . A cross-site request forgery vulnerability exists in EasyService Billing version 1.0. A remote attacker can exploit this vulnerability to perform unauthorized operations with...
EasyService Billing 1.0 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications history.pushState'', '', '/' form action="http://test.com/EasyServiceBilling/quotation-new3-new2.php?add=true&id=139" method="P...
EasyService Billing 1.0 - Cross-Site Request Forgery
history.pushState'', '', '/' input type="hidden" nam...
EasyService Billing 1.0 - Cross-Site Request Forgery
EasyService Billing 1.0 - Cross-Site Request Forgery history.pushState'', '', '/' input typ...
CVE-2018-11442
A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...
CVE-2018-11442
A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...
Cross site request forgery (csrf)
A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...
CVE-2018-11442
CVE-2018-11442 concerns a Cross‑Site Request Forgery in EasyService Billing 1.0. The vulnerability is triggered via the URI quotation-new3-new2.php?add=true&id= and can enable unauthorized actions on behalf of an authenticated user (CSRF in the quotation process). Several connected records descri...
CVE-2018-11442
A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation...
EasyService Billing 1.0 SQL Injection / Cross Site Scripting
------------------- Exploit 1 of 2: Exploit Title: EasyService Billing 1.0 - 'template.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Azkan Mustafa AkkuA AkkuS Vendor Homepage:...
Threat Outbreak Alert RuleID30923: Email Messages Distributing Malicious Software on November 13, 2017
Medium Alert ID: 55882 First Published: 2017 November 13 12:31 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30923 may contain the following files: Name |...
Threat Outbreak Alert RuleID30637: Email Messages Distributing Malicious Software on September 18, 2017
Medium Alert ID: 55318 First Published: 2017 September 18 14:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30637 may contain the following files: Name ...
Threat Outbreak Alert RuleID29302: Email Messages Distributing Malicious Software on May 29, 2017
Medium Alert ID: 53991 First Published: 2017 May 30 18:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29302 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID29243: Email Messages Distributing Malicious Software on May 23, 2017
Medium Alert ID: 53929 First Published: 2017 May 23 15:06 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29243 may contain the following files: Name | Size...
Threat Outbreak Alert RuleID29125: Email Messages Distributing Malicious Software on May 12, 2017
Medium Alert ID: 53824 First Published: 2017 May 12 15:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID29125 may contain the following files: Name | Size...