18 matches found
EUVD-2010-1364
Malware in sbrugna...
EUVD-2017-8268
Malware in sbrugna...
EUVD-2008-6924
Malware in sbrugna...
Firefly CMS 1.0 Remote Command Execution Exploit #RCE
Exploit for php platform in category web applications + Remote Comand Execution on Firefly CMS v. 1.0 + Date: 11/05/2019 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: email protected + Tested on: Windows 7 and Linux + Vendor Homepage: https://fireflydigital.com/ +...
Firefly CMS 1.0 Remote Command Execution
Remote Comand Execution on Firefly CMS v. 1.0 + Date: 11/05/2019 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on: Windows 7 and Linux + Vendor Homepage: https://fireflydigital.com/ + Vulnerable File: site.php + Version : 1.0 +...
apsonline.com XSS vulnerability
Open Bug Bounty ID: OBB-598746 Description| Value ---|--- Affected Website:| apsonline.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Command Execution Vulnerability in FineCMS Version 5.3.0 Site.php File
FineCMS Free, Enterprise, Public Benefit is an efficient and simple small and medium-sized content management system based on PHP+MySql+CI framework. A command execution vulnerability exists in the Site.php file of FineCMS version 5.3.0. The vulnerability is due to insufficient filtering of...
TSiteBuilder SQL Injection Vulnerability
TSiteBuilder is a set of tools for building websites, mainly for creating HTML-based websites. A SQL injection vulnerability exists in TSiteBuilder version 1.0. A remote attacker can exploit the vulnerability by sending the 'id' parameter to the /site.php, /pagelist.php, or /pagenew.php files to...
CVE-2018-6365
SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /pagenew.php...
Sql injection
SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /pagenew.php...
CVE-2018-6365
SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /pagenew.php...
CVE-2018-6365
The CVE-2018-6365 issue affects TSiteBuilder 1.0, where an SQL injection vulnerability arises via the id parameter in /site.php, /pagelist.php, or /page_new.php. The root cause is improper handling of the id input allowing command injection into the database query, enabling an attacker to manipul...
TSiteBuilder 1.0 - SQL Injection
Exploit Title: TSiteBuilder 1.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://www.datacomponents.net/ Software Link: http://www.datacomponents.net/products/website/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan Sencan Author Web...
Sql injection
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $REQUEST'link'...
CVE-2017-17102
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $REQUEST'link'...
INVOhost Multiple SQL injection vulnerabilities
INVOhost is prone to multiple SQL injection vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-1336
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 newlanguage parameters to site.php, 3 search parameter to manuals.php, and 4 unspecified vectors to faq.php. NOTE: some of these details are obtained from third party...
CVE-2010-1336
Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 newlanguage parameters to site.php, 3 search parameter to manuals.php, and 4 unspecified vectors to faq.php. NOTE: some of these details are obtained from third party...