email-stuff-uk.net XSS vulnerability

Vulnerable URL: https://email-stuff-uk.net/login.php?message=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 22096842 VIP website status:| No Check...

onepound Shop / CMS XSS and SQL Injection Vulnerabilities

No description provided by source. :: General information :: onepound shop / cms XSS and SQL Injection vulnerabilities :: by Valentin Hoebel :: [email protected] :: Product information :: Name = onepound shop / cms :: Vendor = onepound :: Vendor Website = http://www.onepound.cn :: About the...

ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation

No description provided by source. import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zerotransactuser.php Impropper Form post hanling, parameter polution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: [email protected] Tested on: php 5.4.27 OSVDB ID...

ZeroCMS 1.0 - (zero_transact_article.php article_id POST parameter) SQL Injection Vulnerability

No description provided by source. ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 - http://cwe.mitre.org/data/definitions/89.html CVE:...

ZeroCMS 1.0 Cross Site Scripting

ZeroCMS v1.0 Cross-Site Scripting Vulnerability Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: Medium CVE: CVE-2014-4195 Date: 20/06/2014 Discovered by: Filippos Mastrogiannis @filipposmastro ZeroCMS is a very simple Content Management...

ZeroCMS 1.0 - zero_transact_article.php SQL Injection

ZeroCMS 1.0 - zerotransactarticle.php SQL Injection ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 -...

ZeroCMS 1.0 SQL Injection

ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 - http://cwe.mitre.org/data/definitions/89.html CVE: CVE-2014-4194 Date: 20/06/2014...

ZeroCMS 1.0 - 'zero_transact_user.php' Handling Privilege Escalation

import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zerotransactuser.php Impropper Form post hanling, parameter polution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: [email protected] Tested on: php 5.4.27 OSVDB ID: 108025 description Summary: ZeroC...

ZeroCMS 1.0 - zero_transact_user.php Handling Privilege Escalation

ZeroCMS 1.0 - zerotransactuser.php Handling Privilege Escalation import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zerotransactuser.php Impropper Form post hanling, parameter polution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: [email protected]...

CVE-2008-4968

The 1 rccs and 2 STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff. temporary file...

Design/Logic Flaw

The 1 rccs and 2 STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff. temporary file...

CVE-2008-4968

The 1 rccs and 2 STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff. temporary file...

CVE-2008-4968

The 1 rccs and 2 STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff. temporary file...

Move velocity templates and other web resources into WEB-INF in the Confluence webapp

It presents a small information leak, and is just tidier if we put all the internal stuff into WEB-INF...