21 matches found
GHSA-XCR9-PM5W-GVH2 ICEcoder vulnerable to Cross Site Scripting
ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php...
ICEcoder vulnerable to Cross Site Scripting
ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php...
CVE-2024-41374
ICEcoder 8.1 is vulnerable to Cross Site Scripting (XSS) via lib/settings-screen.php...
CVE-2024-1117
A vulnerability was found in openBI up to 1.0.8. It has been declared as critical. Affected by this vulnerability is the function index of the file /application/index/controller/Screen.php. The manipulation of the argument fileurl leads to code injection. The attack can be launched remotely. The...
CVE-2024-1114 openBI Screen.php dlfile access control
A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. T...
PT-2024-16784 · Openbi · Openbi
Name of the Vulnerable Software and Affected Versions: openBI versions up to 1.0.8 Description: A critical issue has been found, affecting the dlfile function of the file /application/index/controller/Screen.php. The manipulation of the fileUrl argument leads to improper access controls. The atta...
CVE-2024-1036
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function uploadIcon of the file /application/index/controller/Screen.php of the component Icon Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The explo...
CVE-2024-1036 openBI Icon Screen.php uploadIcon unrestricted upload
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function uploadIcon of the file /application/index/controller/Screen.php of the component Icon Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The explo...
Deserialization Of Untrusted Data
orchid/platform is vulnerable to Deserialization of Untrusted Data. The vulnerability exists due to the insecure way of using the state parameter in Screen.php, which allows an attacker to deserialize untrusted data through the state parameter, leading to remote code execution...
CVE-2017-5492
Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...
PHP-fusion dsmsf (module downloads) SQL Injection Exploit
No description provided by source. PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit...
PHP-fusion dsmsf (module downloads) SQL Inj3ct0r Exploit
PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit...
PHP-fusion dsmsf (module downloads) SQL Inj3ct0r Exploit
Exploit for php platform in category web applications. PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit...
PHP-fusion dsmsf Mod Downloads - SQL Injection
PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit...
PHP-fusion dsmsf Mod Downloads - SQL Injection
PHP-fusion dsmsf Mod Downloads - SQL Injection. PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit...
CVE-2009-3119
Summary: CVE-2009-3119 is a SQL injection in the PHP-Fusion Download System mSF (dsmsf) module, in the file screen.php, where the parameter view_id can be manipulated to execute arbitrary SQL. Affected component: PHP-Fusion dsmsf module (screen.php). Root cause (as stated): Input from view_id is...
PHP-Fusion dsmsf SQL Injection
PHP-fusion dsmsf module downloads SQL Inj3ct0r Exploit...