6 matches found
Unauthorized Access to Private Fields in User Registration API
System Details

| Name | Value |
|----------|------------------------|
| OS | Windows 11 |
| Version | 4.11.1 node v16.14.2 |
| Database | mysql |

Description

I marked some fields as private fields in user content-type, and tried to register as a new user via api, at the same time I added content ...
cpcommerce-bypass.txt
Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini settings Vendor informed: 23/11/08 cpCommerce 1.2.7 released: 30/11/08 Public advisor...
CPCommerce 1.2.6 - URL Rewrite Input Variable Overwrite Authentication Bypass
CPCommerce 1.2.6 - URL Rewrite Input Variable Overwrite Authentication Bypass Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini setting...
cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass
No description provided by source. Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini settings Vendor informed: 23/11/08 cpCommerce 1.2....
Geodesic Solutions (Multiple Products) - index.php?b SQL Injection
Geodesic Solutions Multiple Products - index.php?b SQL Injection source: https://www.securityfocus.com/bid/19093/info GeodesicSolutions products are prone to multiple SQL-injection vulnerabilities because the applications fail to properly sanitize user-supplied input before using it in an SQL...
LogiSphere 0.9.9 j - viewsource.jsp?source Traversal Arbitrary File Access
LogiSphere 0.9.9 j - viewsource.jsp?source Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15807/info LogiSphere is prone to multiple directory traversal vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...