10 matches found
ClipBucket 安全漏洞
ClipBucket is an open-source PHP script developed by MacWarrior. It is available for free download and used to create video-sharing websites. Versions of ClipBucket prior to v5.5.3.359 contained a security vulnerability due to a lack of authorization checks, which could lead to modifying other...
ClipBucket 代码问题漏洞
ClipBucket is an open-source PHP script developed by MacWarrior. It is available for free download and used to create video-sharing websites. Versions of ClipBucket prior to v5.5.3 had code vulnerabilities. These vulnerabilities stemmed from the remote playback feature, which allowed the creation...
Car Rental Script Security Vulnerability
Car Rental Script is an open source vehicle rental script from GZ Script. A security vulnerability exists in Car Rental v3.0, which originates from a CSV injection vulnerability in the Language Labels Export operation...
Voovi SQL Injection Vulnerability
Voovi is an open source social networking script from Sourceforge. Voovi version 1.0 suffers from a SQL injection vulnerability, which stems from a SQL injection vulnerability in videos.php...
Voovi SQL Injection Vulnerability
Voovi is an open source social networking script from Sourceforge. Voovi 1.0 version has a SQL injection vulnerability , the vulnerability stems from signup2.php SQL injection vulnerability...
Service Booking Script Cross-Site Scripting Vulnerability
Service Booking Script is a PHP Jabbers open source service booking script. A cross-site scripting vulnerability exists in PHP Jabbers Service Booking Script version 1.0, which stems from the parameter index in the file /index.php can lead to cross-site scripting...
PT-2018-13582 · Php Scripts Mall · Php Scripts Mall Open Source Real-Estate Script
Name of the Vulnerable Software and Affected Versions: PHP Scripts Mall Open Source Real-estate Script version 3.6.2 Description: The issue allows remote attackers to list the contents of the 'wp-content/themes/template dp dec2015/img' directory. Recommendations: For version 3.6.2, restrict acces...
Code injection
Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Sourcescript type="text/javascript" src=' line. Fix released on 2018-03-28...
PluggedOut Blog SQL injection and XSS
PluggedOut Blog SQL INJECTION and XSS PluggedOut Blog is an open source script you can run on your web server to give you an online multi-user journal or diary. It can be used equally well for any kind of calendar application.Rather than give you a thousand things you don't really want...
Skunkware 2.0 - view-source Directory Traversal
Skunkware 2.0 - view-source Directory Traversal source: https://www.securityfocus.com/bid/2251/info view-source is a script included with the httpd package bundled with Skunkware 2.0. Skunkware 2.0 is a variant of the UNIX Operating System distributed by Santa Cruz Operations. A problem with the...