29 matches found
EUVD-2018-17450
Malware in sbrugna...
CVE-2018-5681
PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages Edit page" screen...
CVE-2018-5681
PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages Edit page" screen...
CVE-2018-5681
PrestaShop 1.7.2.4 is affected by a cross-site scripting (XSS) vulnerability that can be triggered via the Source Code editing option on the Pages > Edit page screen. The issue is documented in CVE-2018-5681 with notes that the vulnerability exists in the 1.7.2.4 release and is disclosed by mu...
ShopEx V4. 8(v4. 8 4,v4. 8 5) the background write WebShell-vulnerability warning-the black bar safety net
ShopEx online store system sales platform, is one of the earliest online shop software provider; is currently the shop system continued research and development of the oldest of the company; is currently the shop software domestic the highest market share of the software provider; is currently th...
Maian Greeting v2.1 Multiple Vulnerabilities (XSS/SQL INJECTION)
---------------------------------------------------------------- Script : Maian Greeting v2.1 Type : Multiple Vulnerabilities XSS/SQL INJECTION ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...
QuickTicket multiple sql inj.
QuickTicket multiple sql inj. Vuln. discovered by : r0t Date: 27 June 2007 vendor:http://www.qt-cute.org/ orginal advisory: http://pridels-team.blogspot.com/2007/06/quickticket-multiple-sql-inj.html affected versions: tested on QuickTicket 1.2 build:20070621 other versions also can be affected...
[SA23865] Enthusiast Cross-Site Scripting and SQL Injection
TITLE: Enthusiast Cross-Site Scripting and SQL Injection SECUNIA ADVISORY ID: SA23865 VERIFY ADVISORY: http://secunia.com/advisories/23865/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Enthusiast 3.x http://secunia.com/product/13303...
Avactis Shopping Cart vuln.
Avactis Shopping Cart vuln. Vuln. discovered by : r0t Date: 1 may 2006 vendor:http://www.avactis.com affected versions:0.1.2 and prior orginal advisory: http://pridels.blogspot.com/2006/05/avactis-shopping-cart-vuln.html Vuln. Description: 1. sql inj. Avactis Shopping Cart contains a flaw that...
Cartweaver ColdFusion vuln.
Cartweaver ColdFusion vuln. Vuln. discovered by : r0t Date: 25 april 2006 vendorlink:www.cartweaver.com affected versions:2.16.11 and previous orginal advisory:http://pridels.blogspot.com/2006/04/cartweaver-coldfusion-vuln.html Vuln. Description: 1. SQL Injection vuln. Cartweaver ColdFusion...
phpLinks <= 2.1.3.1 XSS vuln.
phpLinks = 2.1.3.1 XSS vuln. Vuln. discovered by : r0t Date: 16 april 2006 vendorlink:http://sourceforge.net/projects/phplinks/ affected versions:phpLinks 2.1.3.1 and previous orginal advisory: http://pridels.blogspot.com/2006/04/phplinks-2131-xss-vuln.html Vuln. Description: phpLinks contains a...
Musicbox vuln.
Musicbox vuln. Vuln. discovered by : r0t Date: 16 april 2006 vendorlink:http://www.musicboxv2.com/ affected versions:2.3.3 and previous orginal advisory:http://pridels.blogspot.com/2006/04/musicbox-vuln.html Vuln. Description: 1. Input passed to the "term" parameter when performing a search isn't...
APT-webshop-system vuln.
APT-webshop-system vuln. Vuln. discovered by : r0t Date: 9 april 2006 vendor:http://www.apt-webservice.de/shopsoftware/ affected versions: 4.0 PRO 3.0 BASIC 3.0 LIGHT orginal advisory: http://pridels.blogspot.com/2006/04/apt-webshop-system-vuln.html Vuln. description: 1. SQL injection vuln...
classifiedZONE v1.2 XSS vuln.
classifiedZONE v1.2 XSS vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.fusionzone.com/applications/classifieds/ affected versions:v.1.2 and prior Vuln. Description: classifiedZONE contains a flaw that allows a remote cross site scripting attack. This flaw exists because inp...
couponZONE v.4.2 Multiple vuln.
couponZONE v.4.2 Multiple vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.fusionzone.com/applications/coupons affected versions:v.4.2 and prior orginal advisory:http://pridels.blogspot.com/2006/03/couponzone-v42-multiple-vuln.html Vuln. Description: 1. SQL vuln. couponZONE...
[SA19415] Absolute Live Support XE Script Insertion Vulnerability
TITLE: Absolute Live Support XE Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19415 VERIFY ADVISORY: http://secunia.com/advisories/19415/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Absolute Live Support XE 2.x http://secunia.com/product/8929/...
SweetSuite.NET - ssCMS 2.1.x XSS vuln.
SweetSuite.NET - ssCMS 2.1.x XSS vuln. Vuln. discovered by : r0t Date: 25 march 2006 vendor: www.sweetsuite.net/ssCMSMain.aspx affected versions: 2.1.0 and prior orginal advisory: http://pridels.blogspot.com/2006/03/sweetsuitenet-sscms-21x-xss-vuln.html Vuln. Description: ssCMS contains a flaw th...
[SA19048] LanSuite LanParty Intranet System "fid" SQL Injection
TITLE: LanSuite LanParty Intranet System "fid" SQL Injection SECUNIA ADVISORY ID: SA19048 VERIFY ADVISORY: http://secunia.com/advisories/19048/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: LanSuite LanParty Intranet System 2.x...
[SA18325] OnePlug CMS SQL Injection Vulnerabilities
TITLE: OnePlug CMS SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA18325 VERIFY ADVISORY: http://secunia.com/advisories/18325/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: OnePlug CMS http://secunia.com/product/6753/ DESCRIPTION: Preddy has reported...
Ad Manager Pro SQL vuln.
Ad Manager Pro SQL vuln. Vuln. dicovered by : r0t Date: 14 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/ad-manager-pro-sql-vuln.html vendor:www.phpwebscripts.com/admanagerpro/ affected version:2.0 and prior Product Description: Quality ad management system. Graphical or text-bas...