Cross site request forgery (csrf)

\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftpsave...

CVE-2018-16732

\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftpsave...

malerblatt-konradin.de XSS vulnerability

Vulnerable URL: http://malerblatt-konradin.de/comsetting/setting.php?ref==282=1021= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 15451590 VIP website status:| No Coordinated...

BanManager WebUI 1.5.8 - PHP Code Injection Vulnerability

Exploit for php platform in category web applications BanManager WebUI 1.5.8 - PHP Code Injection & Stored XSS Exploit Title: BanManager WebUI - PHP Code Injection & Stored XSS Date: 2017-05-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage:...

Tipask 2.5 setting.php 存在CSRF漏洞 (结合xss可getshell)

No description provided by source...

Xhanch my Twitter - CSRF in admin/setting.php

The Xhanch – My Twitter WordPress plugin was affected by a CSRF in admin/setting.php security vulnerability...

CVE-2013-3253

CVE-2013-3253 documents a Cross-Site Request Forgery (CSRF) in the WordPress plugin Xhanch – My Twitter, specifically in admin/setting.php. Affected plugin versions are prior to 2.7.7, enabling remote attackers to hijack the administrator’s authentication to perform actions that change unspecifie...

CVE-2005-4219

setting.php in Innovative CMS ICMS, formerly Imoel-CMS contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be...

CVE-2005-4219

setting.php in Innovative CMS ICMS, formerly Imoel-CMS contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be...

imoelPassword.txt

IMOEL CMS has the weakness to download the plain text sql password in the setting.php file / $setting'host''username' = 'sqlusername'; $setting'host''password' = 'sqlpassword'; so u can download the setting.php file & view the plain text password as the default imoel cms set the administrator use...

IMOEL CMS Sql password discovery

IMOEL CMS has the weakness to download the plain text sql password in the setting.php file / $setting'host''username' = 'sqlusername'; $setting'host''password' = 'sqlpassword'; so u can download the setting.php file & view the plain text password as the default imoel cms set the administrator use...