School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...
School ERP Pro+Responsive 1.0 - Arbitrary File Download
Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...
CVE-2018-18061
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...
CVE-2018-18062
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...
Cross site scripting
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. A reflected XSS vulnerability allows remote attackers to inject arbitrary web script or HTML...
CVE-2018-18061
Summary (CVE-2018-18061): tecrail/Responsive FileManager 9.8.1 exposes an authentication bypass in its dialog.php, allowing remote attackers to access the file-management interface and perform file upload, edit, and delete actions. Concrete PoC references show that a secretkey parameter can bypass...
CVE-2018-18062
The CVE-2018-18062 entry concerns tecrail Responsive FileManager 9.8.1, specifically a vulnerability in dialog.php that enables reflected XSS. An attacker can craft a URL to cause the hosting site's context to execute arbitrary script/HTML in a victim’s browser, potentially stealing cookie-based ...
Responsive Filemanager Cross-Site Scripting Vulnerability
Responsive FileManager is an open source file manager written in PHP that supports uploading and managing videos, images and other files. A cross-site scripting vulnerability exists in Responsive Filemanager version 9.8.1, which can be exploited by a remote attacker to execute script in a victim'...
Responsive Filemanager Authentication Bypass Vulnerability
Responsive FileManager is an open source file manager written in PHP that supports uploading and managing videos, images and other files. An authentication bypass vulnerability exists in Responsive Filemanager version 9.8.1 that allows an attacker to access the file management interface, which...
Responsive Filemanager 9.8.1 Cross Site Scripting
I. VULNERABILITY ------------------------- Responsive Filemanager 9.8.1 Reflected Cross Site Scripting XSS II. CVE REFERENCE ------------------------- CVE-2018-18062 III. VENDOR ------------------------- https://www.responsivefilemanager.com IV. REFERENCES -------------------------...
Responsive Filemanager 9.8.1 Authentication Bypass
I. VULNERABILITY ------------------------- Responsive Filemanager 9.8.1 Authentication Bypass II. CVE REFERENCE ------------------------- CVE-2018-18061 III. VENDOR ------------------------- https://www.responsivefilemanager.com IV. REFERENCES -------------------------...
Component Responsive Portfolio 'filter_order_Dir' SQL Injection Vulnerability in Joomla!
Joomla! is an open source content management system (CMS) developed by the Open Source Matters team in the United States. A SQL injection vulnerability exists in the Responsive Portfolio 'filter_order_Dir' component of Joomla! An attacker can execute SQL commands by including vulnerable parameters...
Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://extro.media/ Software Link:...
fr.katespade.com XSS vulnerability
Open Bug Bounty ID: OBB-676783

Description | Value
---|---
Affected Website: | fr.katespade.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

CVE-2018-16780
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment...
CVE-2018-16780
CVE-2018-16780 affects Complete Responsive CMS Blog up to 2018-05-20 and is due to an XSS via user comments. The available documents confirm the vulnerability type but do not provide product version details, exact vulnerable components, root cause specifics, exploit information, or remediation st...