75 matches found
CVE-2018-6902
PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action...
Readymade Video Sharing Script 3.2 SQL Injection
Exploit Title: Readymade Video Sharing Script - SQL Injection Error Based Google Dork: NA Date: 10.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Version: 3.2 Tested on: Windows...
Readymade Video Sharing Script 3.2 - 'search' SQL Injection
Exploit Title: Readymade Video Sharing Script - SQL Injection Error Based Google Dork: NA Date: 10.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Version: 3.2 Tested on: Windows...
BizLogic xnami Cross-Site Scripting Vulnerability
BizLogic xnami is a set of PHP-based image sharing scripts online by the BizLogic team. A cross-site scripting vulnerability exists in BizLogic xnami version 1.0. A remote attacker can exploit this vulnerability to steal user and administrator sessions...
StivaSoft PHPJabbers File Sharing Script Cross-Site Scripting Vulnerability
StivaSoft PHPJabbers File Sharing Script is a set of online file sharing scripts from the Bulgarian company StivaSoft. A cross-site scripting vulnerability exists in the comments section of StivaSoft PHPJabbers File Sharing Script. A remote attacker can exploit this vulnerability to inject...
Clooud 1.4.0 Shell Upload
======================================================================================================= | Title : Clooud v1.4.0 - Premium Media Sharing Script unrestricted file upload Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 FranASSais...
Cross site scripting
PHPJabbers File Sharing Script 1.0 has stored XSS in the comments section...
CVE-2017-12813
PHPJabbers File Sharing Script 1.0 has stored XSS in the comments section...
CVE-2017-12813
PHPJabbers File Sharing Script 1.0 has stored XSS in the comments section...
CVE-2017-12813
CVE-2017-12813 affects the PHPJabbers File Sharing Script 1.0 and is a stored cross-site scripting (XSS) vulnerability found in the comments section. The issue enables insertion of arbitrary scripts/HTML that can affect users who view the comments, with the CVSS data indicating network exposure, ...
CVE-2017-17892
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the searchvideo.php search parameter...
CVE-2017-17891
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
CVE-2017-17893
Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...
Cross site request forgery (csrf)
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
Design/Logic Flaw
Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...
PHP Scripts Mall Readymade Video Sharing Script Cross-Site Scripting Vulnerability
PHP Scripts Mall Readymade Video Sharing Script is a set of PHP based online video sharing website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Readymade Video Sharing Script. A remote attacker can send a 'search' parameter to the...
CVE-2017-17891
CVE-2017-17891 affects Readymade Video Sharing Script. The vulnerability is a cross-site request forgery (CSRF) in the user-profile-edit.php endpoint. According to CNVD-2018-01938 and corroborating sources, a remote attacker can lure a logged‑in user to trigger changes to sensitive settings via t...
CVE-2017-17891
Readymade Video Sharing Script has CSRF via user-profile-edit.php...
CVE-2017-17892
The CVE-2017-17892 entry refers to Readymade Video Sharing Script with an SQL Injection vulnerability exposed through viewsubs.php?chnlid and search_video.php?search. Multiple connected sources confirm this vulnerability exists in the Readymade Video Sharing Script and detail the injection vector...
CVE-2017-17893
The following CVE concerns the Readymade Video Sharing Script (PHP Scripts Mall). It has a stored/reflected Cross‑Site Scripting (XSS) vulnerability exploitable via user input parameters: search_video.php using the search parameter, viewsubs.php using the chnlid parameter, and user-profile-edit.p...