CVE-2019-25337

CVE-2019-25337 affects OwnCloud 8.1.8. The issue is a username enumeration flaw exposing user accounts by manipulating the share.php endpoint: sending crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter can reveal user information. Root cause appears to be impr...

CVE-2019-25337

OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulating the share.php endpoint. Attackers can send crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter to retrieve comprehensive user...

EUVD-2022-43135

Malicious code in bioql PyPI...

CVE-2022-3789

A vulnerability has been found in Tim Campus Confession Wall and classified as critical. Affected by this vulnerability is an unknown functionality of the file share.php. The manipulation of the argument postid leads to sql injection. The exploit has been disclosed to the public and may be used...

CVE-2022-3789

A vulnerability has been found in Tim Campus Confession Wall and classified as critical. Affected by this vulnerability is an unknown functionality of the file share.php. The manipulation of the argument postid leads to sql injection. The exploit has been disclosed to the public and may be used...

Sql injection

A vulnerability has been found in Tim Campus Confession Wall and classified as critical. Affected by this vulnerability is an unknown functionality of the file share.php. The manipulation of the argument postid leads to sql injection. The exploit has been disclosed to the public and may be used...

domainsherpa.com XSS vulnerability

Open Bug Bounty ID: OBB-644831 Description| Value ---|--- Affected Website:| domainsherpa.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

talentsmart.com XSS vulnerability

Open Bug Bounty ID: OBB-519735 Description| Value ---|--- Affected Website:| talentsmart.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

blog.trendmicro.com.tw XSS vulnerability

Open Bug Bounty ID: OBB-519733 Description| Value ---|--- Affected Website:| blog.trendmicro.com.tw Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

dailyasianage.com XSS vulnerability

Open Bug Bounty ID: OBB-519709 Description| Value ---|--- Affected Website:| dailyasianage.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

sonalibarta.com XSS vulnerability

Open Bug Bounty ID: OBB-519693 Description| Value ---|--- Affected Website:| sonalibarta.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

etsycontest.com XSS vulnerability

Vulnerable URL: http://etsycontest.com/share.php?daylimit=7=="=price=price===100=0=recent Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 11016901 VIP website status:| No Check...

CVE-2015-7698

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the 1 listShares function in Server.php or the 2 connect or 3 read function in Share.php...

Command injection

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the 1 listShares function in Server.php or the 2 connect or 3 read function in Share.php...

CVE-2015-7698

CVE-2015-7698 affects ownCloud Server’s external legacy SMB storage. The issue arises from inadequate neutralization of special characters in SMB user input, enabling remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument (affecting listShares i...

Social Ring 1.0 - share.php url Parameter Reflected XSS

The Social Ring Facebook Like, Google +1, ReTweet, LinkedIn and Pin It WordPress plugin was affected by a share.php url Parameter Reflected XSS security vulnerability...

Anymacro Mail System 6 /share.php SQL注入漏洞

No description provided by source...

WordPress Social Ring 1.1.9 Cross Site Scripting

Exploit Title : Wordpress social ring Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vulnerable version : 1.0 up to 1.1.9 Software Link : http://downloads.wordpress.org/plugin/wordpress-social-ring.1.1.9.zip Date : 2014-01-18 Tested on : Windows 7 discovered by : ACC3SS...

CVE-2012-4393

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use 1 addBookmark.php, 2 delBookmark.php, or 3 editBookmark.php in bookmarks/ajax/; 4 calendar/delete.php, 5 calendar/edit.php...