23 matches found
Joomla Spider Catalog Lite 1.8.10 SQL Injection
Exploit Title: Joomla! Component Spider Catalog Lite v1.8.10 - SQL Injection Google Dork: inurl:index.php?option=comspidercatalog Date: 16.02.2017 Vendor Homepage: http://web-dorado.com/ Software Buy:...
Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection
Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection Exploit Title: Joomla! Component Spider Catalog Lite v1.8.10 - SQL Injection Google Dork: inurl:index.php?option=comspidercatalog Date: 16.02.2017 Vendor Homepage: http://web-dorado.com/ Software Buy:...
Joomla Spider Catalog Lite 1.8.10 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Spider Catalog Lite v1.8.10 - SQL Injection Google Dork: inurl:index.php?option=comspidercatalog Date: 16.02.2017 Vendor Homepage: http://web-dorado.com/ Software Buy:...
Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection
Exploit Title: Joomla! Component Spider Catalog Lite v1.8.10 - SQL Injection Google Dork: inurl:index.php?option=comspidercatalog Date: 16.02.2017 Vendor Homepage: http://web-dorado.com/ Software Buy:...
CVE-2015-4350
Multiple cross-site request forgery CSRF vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete 1 products, 2 ratings, or 3 categories via unspecified vectors...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete 1 products, 2 ratings, or 3 categories via unspecified vectors...
CVE-2015-4350
The CVE-2015-4350 entry concerns Drupal’s Spider Catalog contributed module, which has CSRF vulnerabilities. The root cause is insufficient CSRF protection on certain URLs, allowing remote attackers to trigger administrator actions that delete products, ratings, or categories. The issue is tied t...
WordPress Spider Catalog Plugin - Multiple Vulnerabilities
This plugin is prone to a cross site scripting and SQL injection vulnerabilities. Solution Update the plugin...
Drupal Spider Catalog Module Cross-Site Request Forgery Vulnerability
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Spider Catalog is one of the modules used to form a product catalog from the website. A cross-site request forgery vulnerability exists in the Drupal Spider Catalog module, which stems...
SA-CONTRIB-2015-058 - Spider Catalog - Cross Site Request Forgery (CSRF) - Unsupported
Spider Catalog module enables you to build product catalogs. The module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause an administrator to delete products, ratings and categories by getting their browser to make a request to a specially-crafted URL. CVE identifier...
Spider Catalog - Cross-Site Scripting & SQL Injection Vulnerabilities
The spider-catalog WordPress plugin was affected by a Cross-Site Scripting & SQL Injection Vulnerabilities security vulnerability...
Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities
No description provided by source. waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind waraxe Date: 22. May 2013 Location: Estonia, Tartu Web:...
Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting
No description provided by source. 1 1 0 I'm D4NB4R member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploit Title: Wordpress Plugin Catalog HTML Code Injection and Cross-site scripting Dork: N/A Date: 31-10-2012 Author: Daniel Barragan D4NB...
Joomla Spider Catalog (index.php, product_id parameter) SQL Injection Vulnerability
No description provided by source. 1 1 0 I'm D4NB4R member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploit Title: Joomla comspidercatalog SQL injection Vulnerability Dork: inurl:index.php?option=comspidercatalog Date: 31-10-2012 Author:...
[waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin
waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html Description of...
WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities
Spider Catalog plugin is prone to multiple vulnerabilities. These vulnerabilities are: 1. SQL Injection in Spider Catalog Shortcodes; 2. SQL Injection in "catalog.php" function "catalogaftersearchresults"; 3. SQL Injection in "Categories.php" function "changecat"; 4. SQL Injection in...
WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities
waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html Description of...
Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection
waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html Description of...
WordPress Spider Catalog Plugin 1.1 - HTML Code Injection and Cross-Site Scripting
Spider Catalog plugin is prone to HTML code injection and cross-site scripting vulnerabilities. Solution Update the plugin...
WordPress Plugin Spider Catalog 1.1 - HTML Code Injection Cross-Site Scripting
WordPress Plugin Spider Catalog 1.1 - HTML Code Injection Cross-Site Scripting 1 1 0 I'm D4NB4R member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploit Title: Wordpress Plugin Catalog HTML Code Injection and Cross-site scripting Dork: N/A...