Deserialization of untrusted data

app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...

CVE-2019-12868

app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...

CVE-2018-19892

DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field...

CVE-2018-19892

DomainMOD 4.11.01 has a Cross-Site Scripting (XSS) vulnerability via the admin/dw/add-server.php DisplayName, HostName, or UserName fields. The Nuclei template specifies the path as /domain//admin/dw/add-server.php and describes a stored XSS that can execute arbitrary JavaScript in the victim’s b...

Sql injection

DISPUTED MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL statemen...

CVE-2018-6382

MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL statements on...

CVE-2018-6382

MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL statements on...

CVE-2018-6382

MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0.0.1 IP address. NOTE: the vendor disputes the significance of this report because server.php is intended to execute arbitrary SQL statements on...

PT-2018-17520 · Mantisbt · Mantisbt

Name of the Vulnerable Software and Affected Versions: MantisBT version 2.10.0 Description: The issue allows local users to conduct SQL Injection attacks via the sql parameter in a request to the server.php endpoint, accessible from the 127.0.0.1 IP address. It is worth noting that the vendor...

hitek.fr XSS vulnerability

Vulnerable URL: http://hitek.fr/server.php?action=loadproducts Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 19:03 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 11727 VIP website status:| Yes Check hitek.f...

handyhost.ru XSS vulnerability

Vulnerable URL: https://handyhost.ru/livezilla/server.php/bizaaooyds?request=track=jcrpt=0.11014420824661403 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 483971 VIP website...

CVE-2015-7698

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the 1 listShares function in Server.php or the 2 connect or 3 read function in Share.php...

Command injection

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the 1 listShares function in Server.php or the 2 connect or 3 read function in Share.php...

CVE-2015-7698

CVE-2015-7698 affects ownCloud Server’s external legacy SMB storage. The issue arises from inadequate neutralization of special characters in SMB user input, enabling remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument (affecting listShares i...

WordPress <= 4.3.0 权限提升漏洞

越权操作位于 XMLRPC 文章编辑操作中，涉及文件 /wp-includes/class-wp-xmlrpc-server.php 5042-5327 其中关键代码分析： public function mweditPost $args $this-escape $args ; $postID = int $args0; // 获取需要编辑的文章ID 用户所属 $username = $args1; // 从请求的xml中获取用户名 $password = $args2; // 从请求的xml中获取用户密码 $contentstruct = $args3; // 从请求的xml中获取结...

jkkeskus.ee XSS vulnerability

Vulnerable URL:...

PsychoStats <= 2.3 - Server.PHP Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24039/info PsychoStats is prone to a path-disclosure issue when invalid data is submitted. Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerab...

ADODB < 4.70 (PhpOpenChat 3.0.x) Server.php SQL Injection Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PhpOpenChat 3.0.x ADODB Server.php \sql\ SQL injection\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo dork: Welcome to your PHPOpenChat-Installation!\r\n\r\n; if $argc4...

Nucleus 3.61 - Multiple Remote File Include

No description provided by source. Nucleus v3.61 === Multiple Remote File Include By n0n0x Homepage: http://priasantai.uni.cc/ Download script :http://sourceforge.net/projects/nucleuscms/ ========================================= nucleus3.61/action.php?DIRLIBS=y0ur g4y sh3ll????????????? 13. / 14...

F5 Networks BIG-IP - XML External Entity Injection

F5 Networks BIG-IP - XML External Entity Injection source: https://www.securityfocus.com/bid/57496/info F5 Networks BIG-IP is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to obtain potentially sensitive information from local files on computers running...