Lucene search

669 matches found

OSV
added 2017/02/12 4:59 a.m., 1 views

CVE-2017-5963

An issue was discovered in caddy for TYPO3 before 7.2.10. The vulnerability exists due to insufficient filtration of user-supplied data in the "paymillToken" HTTP POST parameter passed to the "caddy/Resources/Public/JavaScript/e-payment/paymill/api/php/payment.php" URL. An attacker could execute...

6.1 CVSS, 6.1 AI score
Exploits: 0, References: 2

0day.today
added 2017/01/20 12:0 a.m., 14 views

Home of Viral Images, Videos and Articles Script - SQL Injection Vulnerability

Exploit for php platform in category web applications Vulnerability: SQL Injection Date: 19.01.2017 Vendor Homepage: http://www.scriptfolder.com/ Script Name: Home of Viral Images, Videos and Articles Script Script Buy Now:...

7.1 AI score
Exploits: 0

Packet Storm
added 2017/01/19 12:0 a.m., 38 views

Study Abroad Education Website Script SQL Injection

Vulnerability: SQL Injection + Authentication Bypass Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Script Name: Study Abroad Educational Website Script Script Buy Now: http://www.popularclones.com/products/Study-Abroad-Educational-Website Author: Ihsan Sencan Author Web:...

7.4 AI score
Exploits: 0

exploitpack
added 2017/01/18 12:0 a.m., 14 views

Yoga and Fitness Website Script - SQL Injection

Yoga and Fitness Website Script - SQL Injection Vulnerability: SQL Injection Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Script Name: Yoga and Fitness Website Script Script Buy Now: http://www.popularclones.com/products/Yoga-and-Fitness-Website Author: Ihsan Sencan Author Web:...

0.7 AI score
Exploits: 0

Exploit DB
added 2017/01/18 12:0 a.m., 43 views

Shiksha Educational Website Script - SQL Injection

Vulnerability: SQL Injection + Authentication Bypass Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Script Name: Shiksha Educational Website Script Script Buy Now: http://www.popularclones.com/products/Shiksha-Educational Author: Ihsan Sencan Author Web: http://ihsan.net Mail :...

7.4 AI score
Exploits: 0

exploitpack
added 2017/01/18 12:0 a.m., 14 views

Finance Website Script - SQL Injection

Finance Website Script - SQL Injection Vulnerability: SQL Injection Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Script Name: Finance Website Script Script Buy Now: http://www.popularclones.com/products/Finance-Website-Script Author: Ihsan Sencan Author Web: http://ihsan.net Mail...

0.2 AI score
Exploits: 0

CNVD
added 2016/10/11 12:0 a.m., 1 views

Maian Weblog Cross-Site Request Forgery Vulnerability

Maian Weblog is a free and open source PHP blogging system developed by British software developer David Ian Bennett. The system includes modules for commenting, searching, uploading images and videos. A cross-site scripting vulnerability exists in the index.php script of Maian Weblog 4.0 and...

6.2 AI score
Exploits: 0, References: 1

Prion
added 2016/09/21 2:25 p.m., 14 views

Code injection

Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfgshow.php or (2) PCAP files via script/system/tcpdump.php...

4 CVSS, 6.2 AI score, 0.01933 EPSS
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2016/05/22 1:59 a.m., 0 views

UBUNTU-CVE-2015-5714

Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

6.1 CVSS, 6.8 AI score, 0.30646 EPSS
Exploits: 2, References: 4

NVD
added 2016/03/18 2:59 p.m., 16 views

CVE-2015-8152

Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script...

8.5 CVSS, 8.3 AI score, 0.00794 EPSS
Exploits: 0, References: 3

Prion
added 2016/03/18 2:59 p.m., 15 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script...

8.5 CVSS, 8 AI score, 0.00794 EPSS
Exploits: 0, References: 3, Affected Software: 1

CNVD
added 2015/10/03 12:0 a.m., 2 views

Web Reference Database Command Execution Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. A vulnerability in the handling of the 'adminPassword' parameter in the Web Reference Database install.php script allows remote attackers to...

7.5 CVSS, 7.7 AI score, 0.07552 EPSS
Exploits: 3, References: 1

CNVD
added 2015/09/27 12:0 a.m., 1 views

KnowledgeTree 'login.php' Cross-Site Scripting Vulnerability

KnowledgeTree is a web-based open source document management system. A cross-site scripting vulnerability exists in KnowledgeTree login.php that allows remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or...

5.9 AI score
Exploits: 0, References: 1

Cvelist
added 2015/09/02 4:0 p.m., 24 views

CVE-2015-4330

A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556...

6.8 AI score, 0.00204 EPSS
Exploits: 0, References: 2

CNVD
added 2015/07/10 12:0 a.m., 2 views

Fastspot BigTree 'admin.php' Script HTML Injection Vulnerability

Fastspot BigTree CMS is an open source content management system (CMS) based on PHP and MySQL, developed by the US company Fastspot. An HTML injection vulnerability exists in Fastspot BigTree CMS versions prior to 4.2.3, which stems from the program failing to adequately filter user-submitted input. When...

7.6 AI score
Exploits: 0, References: 1

Packet Storm
added 2015/06/03 12:0 a.m., 28 views

QuickTalk 1.5 Password Hash Disclosure

| Title : QuickTalk 1.5 Reinstall Script Vulnerability | Author : indoushka | email : [email protected] | Dork : powered by QT-cute | Tested on: windows 8.1 Français V.Pro | Bug : Reinstall Script | Download : http://www.scriptmafia.org ======================================= 1 -...

7.4 AI score
Exploits: 0

Debian CVE
added 2014/10/31 3:0 p.m., 26 views

CVE-2014-8578

Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475...

3.5 CVSS, 5.4 AI score, 0.00317 EPSS
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 21 views

SuSE 6.x/7.0 MkDir Error Handling rctab Race Condition Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2207/info rctab is the Run Control Tab script included with the SuSE distribution of the Linux Operating System. SuSE is a freely available, Open Source Operating system maintained by SuSE Incorporated. A race condition i...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload

No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 22 views

Custom Business Card script SQL injection Vulnerability

No description provided by source. Exploit Title: Custom Business Card script SQL injection Vulnerability Date: 23/06/2010 Author: JaMbA Script url: http://www.2daybiz.com/custombusscardscript.html Version: N/A Tested on: Windows CVE : ::::::::::::::::::::::::: :::::::::::::::::::::::::...

7.1 AI score
Exploits: 0