Lucene search
K

29 matches found

wpexploit
wpexploit
added 2021/07/26 12:0 a.m.1607 views

uListing < 2.0.4 - Unauthenticated SQL Injection

An Unauthenticated SQL Injection vulnerability was discovered in the plugin. Vulnerable parameters: custom. SQL Injection types: Error-based, Boolean-based Blind, Time-based Blind. PoC 1 | Unauthenticated SQL Injection | Tables: sqlmap...

7.5CVSS0.9AI score0.02067EPSS
Exploits1
Packet Storm
Packet Storm
added 2020/12/04 12:0 a.m.783 views

Laravel Nova 3.7.0 Denial Of Service

Exploit Title: Laravel Nova 3.7.0 - 'range' DoS Date: June 22, 2020 Exploit Author: iqzer0 Vendor Homepage: https://nova.laravel.com/ Software Link: https://nova.laravel.com/releases Version: Version v3.7.0 Tested on: Manjaro / Chrome v83 An authenticated user can crash the application by setting...

Exploits0
Exploit DB
Exploit DB
added 2020/12/04 12:0 a.m.960 views

Laravel Nova 3.7.0 - &#039;range&#039; DoS

Exploit Title: Laravel Nova 3.7.0 - 'range' DoS Date: June 22, 2020 Exploit Author: iqzer0 Vendor Homepage: https://nova.laravel.com/ Software Link: https://nova.laravel.com/releases Version: Version v3.7.0 Tested on: Manjaro / Chrome v83 An authenticated user can crash the application by setting...

7.4AI score
Exploits0
NVD
NVD
added 2014/10/14 2:55 p.m.16 views

CVE-2014-6313

Cross-site scripting XSS vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php...

4.3CVSS5.8AI score0.02023EPSS
Exploits1References4
Prion
Prion
added 2014/10/14 2:55 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php...

4.3CVSS6.3AI score0.02023EPSS
Exploits1References4Affected Software1
Zero Science Lab
Zero Science Lab
added 2011/06/02 12:0 a.m.20 views

Ushahidi 2.0.1 (range param) SQL Injection Vulnerability (post-auth)

Summary The Ushahidi Platform is a platform for information collection, visualization and interactive mapping. Description Input passed via the 'range' parameter to dashboard.php is not properly sanitised in application/controllers/admin/dashboard.php before being used in SQL queries. This can be...

6AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/02/25 9:44 p.m.12 views

CVE-2008-0932

diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter...

7.5CVSS6.1AI score0.02901EPSS
Exploits0References1
OSV
OSV
added 2008/02/25 9:44 p.m.1 views

DEBIAN-CVE-2008-0932

diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter...

7.5CVSS7.8AI score0.02901EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/02/25 9:0 p.m.33 views

CVE-2008-0932

diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter...

7.3AI score0.02901EPSS
Exploits0References13
Rows per page
Query Builder