12 matches found
HumHub Cross-Site Scripting Vulnerability (CNVD-2022-82657)
HumHub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from a cross-site scripting vulnerability that could be exploited by attackers to insert malicious javascript into the space name...
Jiaxing Wantsky Information Technology Co., Ltd. OpenSNS_v6.2.0 file upload vulnerabilities exist
OpenSNS is a comprehensive social networking software developed by Thinking Sky. You can use OpenSNS to quickly build a social networking site similar to the same social networking site as New Wave Microblogging. OpenSNSv6.2.0 has a file upload vulnerability that can be exploited by attackers to...
PhpSocial 2.0.0304_20222226 - Cross-Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: PhpSocial v2.0.030420222226 Fixed in: not fixed Fixed Version Link: n/a Vendor Webite: http://phpsocial.net Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public: 12/21/2015...
Oxwall 1.7.0 - Remote Code Execution Exploit
No description provided by source. !/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social...
Oxwall 1.7.0 - Remote Code Execution
Oxwall 1.7.0 - Remote Code Execution !/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social...
Pligg CMS (story.php?id) 1.0.4 - SQL Injection Vulnerability
No description provided by source. / ! Pligg CMS story.php?id SQL Injection Vulnerability ! Author : Don Tukulesto [email protected] ! Homepage: http://indonesiancoder.com ! Date : Tue, April 27, 2010 ! Tune in : http://antisecradio.fm choose your weapon / Software Information Vendor :...
AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities
Exploit for php platform in category web applications ========================================================= AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities ========================================================= Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions...
PG Social Networking Shell upload Vulnerabilty
Exploit for php platform in category web applications ============================================== PG Social Networking Shell upload Vulnerabilty ============================================== Name : PG Social Networking --Shell upload Vulnerabilty Critical Level :VERY HIGH vendor URL...
Pligg CMS (story.php?id) SQL Injection Vulnerability
No description provided by source. / ! Pligg CMS story.php?id SQL Injection Vulnerability ! Author : Don Tukulesto [email protected] ! Homepage: http://indonesiancoder.com ! Date : Tue, April 27, 2010 ! Tune in : http://antisecradio.fm choose your weapon / Software Information Vendor :...
Pligg CMS 1.0.4 SQL Injection
/ ! Pligg CMS story.php?id SQL Injection Vulnerability ! Author : Don Tukulesto [email protected] ! Homepage: http://indonesiancoder.com ! Date : Tue, April 27, 2010 ! Tune in : http://antisecradio.fm choose your weapon / Software Information Vendor : http://www.pligg.com/ Download:...
i-Net Online Community SQL Injection / Cross Site Scripting
Exploit Title: XSS and Authentication bypass in i-Net Online Community site script Date: 27-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in i-Net Online Community site script Vendor:http://www.i-netsolution.com/ Author:Sid3^effects aKa haRi Descripti...
datecomm Social Networking Software Index.PHP远程文件包含漏洞
datecomm Social Networking Software是一款基于PHP的WEB应用程序。 datecomm Social Networking Software不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'index.php'脚本对用户提交的'pg'参数缺少过滤,指定远程服务器上的任意文件作为包含参数,可导致以WEB权限执行任意PHP代码。 Datecomm Social Networking Script 目前没有详细解决方案提供: http://www.datecomm.com/...