54 matches found
EUVD-2011-5212
Malware in sbrugna...
EUVD-2015-1652
Malware in sbrugna...
EUVD-2011-5213
Malware in sbrugna...
MAL-2025-31917 Malicious code in redaxscript-flaticon (npm)
The package redaxscript-flaticon was found to contain malicious code...
Malicious code in redaxscript-flaticon (npm)
The package redaxscript-flaticon was found to contain malicious code...
CVE-2011-5313
Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote attackers to execute arbitrary SQL commands via the 1 id or 2 password parameter to the passwordreset program...
CVE-2011-5314
templates/default/index.php in Redaxscript 0.3.2 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message...
SQL Injection
redaxmedia/redaxscript is vulnerable to SQL injection attacks. Using the searchterms parameters in the searchpost function in includes/search.php, attackers can inject and execute SQL queries...
redaxscript 2.5.0 Code Execution
Security Advisory - Curesec Research Team 1. Introduction Affected Product: redaxscript 2.5.0 Fixed in: module has been removed in version 2.6.0 Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 10/02/2015...
redaxscript 2.5.0 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: redaxscript 2.5.0 Fixed in: 2.6.1 Fixed Version Link: http://redaxscript.com/files/releases/ redaxscript2.6.1full.zip Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...
Radexscript CMS 2.2.0 - SQL Injection vulnerability
Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Vendor: http://redaxscript.com/ Product: Radexscript CMS Software link: http://redaxscript.com/download/releases Affected version: Redaxscript 2.2.0 Fixed version: Redaxscript 2.3.0 CVE ID: CVE-2015-1518 Author: Pham Kien...
Radexscript CMS 'SEARCH_TERMS' Parameter SQL Injection Vulnerability
Redaxscript is a free content management system CMS based on PHP and MySQL. The system is mainly used for small businesses and private site builders. A SQL injection vulnerability exists in the 'searchpost' function in the includes/search.php script in Redaxscript versions prior to 2.3.0. A remot...
CVE-2015-1518
SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...
Sql injection
SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...
CVE-2015-1518
SQL injection vulnerability in the searchpost function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...
CVE-2015-1518
The CVE-2015-1518 entry concerns Redaxscript, where versions prior to 2.3.0 contain a SQL injection in includes/search.php (search_post) that accepts input via the search_terms parameter, enabling remote arbitrary SQL execution. Public PoCs/exploits exist (e.g., PacketStorm, Exploit-DB entries) d...
KLA10501 Code execution Redaxscript vulnerability
SQL injection vulnerability was found in Redaxscript. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a searchterms parameters. Original advisories - Exploitation Public exploits exist for this vulnerability. Related...
Redaxscript CMS 2.2.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Google Dork: N/A Date: 02/09/2015 Exploit Author: Pham Kien Cuong email protected & ITAS Team www.itas.vn Vendor Homepage: http://redaxscript.com/ Software Link:...
RedaxScript CMS 2.2.0 - SQL Injection
RedaxScript CMS 2.2.0 - SQL Injection Exploit Title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Google Dork: N/A Date: 02/09/2015 Exploit Author: Pham Kien Cuong [email protected] & ITAS Team www.itas.vn Vendor Homepage: http://redaxscript.com/ Software Link:...
Radexscript CMS 2.2.0 SQL Injection
Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Vendor: http://redaxscript.com/ Product: Radexscript CMS Software link: http://redaxscript.com/download/releases Affected version: Redaxscript 2.2.0 Fixed version: Redaxscript 2.3.0 CVE ID: CVE-2015-1518 Author: Pham Kien...