CVE-2018-9928

Cross-site scripting XSS vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter...

CVE-2018-9928

CVE-2018-9928 is a Cross-site scripting (XSS) vulnerability in MetInfo 6.0, located in save.php, allowing remote attackers to inject arbitrary script via the webname or weburl parameters. Affected software: MetInfo 6.0 (save.php). Root cause: unsanitized user input in webname/weburl leading to sc...

SQL injection vulnerability in the save.php file of TreeHole's external link system

TreeHole Outbound Linking System is a free and open source outbound linking system. Treehole external link system save.php file SQL injection vulnerability , the vulnerability stems from x-forwarded-for failure to adequately filter , an attacker can exploit the vulnerability to access or modify...

MetInfo 5.1 /feedback/uploadfile_save.php 后门漏洞

No description provided by source...

Metinfo 5.0.2 save.php 远程密码修改

No description provided by source...

MetInfo 4.0 member/save.php 任意密码修改漏洞

No description provided by source...

Limesurvey Blind SQL Injection

Exploit Title: LimeSurvey Blind SQL injection Date: 20/02/2012 Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC ------------------------------------------------------------------------- TorTukiTu - Killing Tortoise ,-"""-. oo./ / \ /\ /// \...

LimeSurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection

LimeSurvey PHPSurveyor 1.91+ stable - Blind SQL Injection Exploit Title: LimeSurvey Blind SQL injection Date: 20/02/2012 Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC -------------------------------------------------------------------------...

Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection

Exploit for php platform in category web applications Exploit Title: LimeSurvey Blind SQL injection Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC ------------------------------------------------------------------------- TorTukiTu - Killing...

CVE-2009-3188

The CVE-2009-3188 entry concerns phpSANE 0.5.0, where the save.php script’s file_save parameter allows remote file inclusion. The root cause is insufficient sanitization of user-supplied input used in including PHP code, enabling an attacker to execute arbitrary PHP on the server. Documented impa...

phpSANE file_save Parameter Remote File Include

The remote web server is running phpSANE, an open source web-based, front-end to scanners using SANE Scanner Access Now Easy. The version of phpSANE installed on the remote host fails to sanitize user-supplied input to the 'filesave' parameter of the 'save.php' script before using it to include P...

phpSANE 0.5.0 (save.php) Remote File Inclusion Vulnerability

No description provided by source. ----------------------------------------------------------------------------------- phpSANE v 0.5.0 save.php Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------- Author: CoBRa21 Mail:...

phpSANE 0.5.0 (save.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ phpSANE 0.5.0 save.php Remote File Inclusion Vulnerability ============================================================...

PHPSANE 0.5.0 - 'save.php' Remote File Inclusion

----------------------------------------------------------------------------------- phpSANE v 0.5.0 save.php Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------- Author: CoBRa21 Mail: [email protected] Script...

PHP Easy Download admin/save.php Parameter Code Injection Vulnerability

The version of PHP Easy Download installed on the remote host fails to sanitize input to the SPDX-FileCopyrightText: 2008 Justin Seitz Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PHP Easy Download admin/save.php Paramater Code Injection Vulnerability

The remote web server contains a PHP script that is affected by a remote code execution issue. Description: The version of PHP Easy Download installed on the remote host fails to sanitize input to the 'moreinfo' parameter before using it in the 'save.php' script. By sending a specially-crafted...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in mesajformu.asp in ASP Ziyaretci Defteri 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 Isim, 2 Mesajiniz, and 3 E-posta fields. NOTE: these probably correspond to the isim, mesaj, and posta parameters to save.php...

Chatness 2.5.3 (options.php/save.php) Remote Code Execution Exploit

No description provided by source. ?/ Files: options.php, save.php Affects: Chatness = 2.5.3 Date: 12th April 2007 Issue Description: =========================================================================== Chatness suffers with two main vulnerabilities, the first of these in /admin/options.ph...

chatness253-multi.txt

?/ Files: options.php, save.php Affects: Chatness = 2.5.3 Date: 12th April 2007 Issue Description: =========================================================================== Chatness suffers with two main vulnerabilities, the first of these in /admin/options.php the problems occur because the...

Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================================== Chatness = 2.5.3 options.php/save.php Remote Code Execution Exploit ====================================================================== ?/ Files: options.php, save.p...