174 matches found
CVE-2017-17696
Techno - Portfolio Management Panel is affected by an information disclosure vulnerability through an invalid s parameter to panel/search.php, enabling disclosure of sensitive paths. The CVE notes impact as a path disclosure; affected versions include 2017-11-16 and earlier. Connected sources (CN...
CVE-2017-17696
Techno - Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php...
CVE-2017-17695
The CVE concerns Techno - Portfolio Management Panel with a SQL Injection vulnerability in the panel/search.php s parameter (affecting versions up to 2017-11-16). The CNVD entry explicitly describes a remote attacker manipulating the s parameter to execute SQL commands and potentially disclose da...
CVE-2017-17694
Techno – Portfolio Management Panel (up to 2017-11-16) is affected by a Cross‑Site Scripting flaw exploited via the panel/search.php?s parameter. The vulnerability allows injection of arbitrary web script/HTML, potentially leaking cookies (as indicated by CNVD) and other user data. Affected compo...
CVE-2017-17694
Techno - Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter...
CVE-2017-17695
Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter...
CVE-2017-17693
Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback...
CVE-2017-17110
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request...
Sql injection
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request...
CVE-2017-17110
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request...
CVE-2017-17110
Techno Portfolio Management Panel 1.0 is affected by an SQL injection in the parameter 'id' of the single.php endpoint. The CNVD entry describes a SQL injection vulnerability that lets an attacker inject arbitrary SQL commands via single.php?id=, enabling data access/manipulation. The issue is co...
Techno Portfolio Management Panel - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Techno - Portfolio Management Panel 1.0 - SQL Injection Vendor Homepage: https://codecanyon.net/user/engtechno Software Link: https://codecanyon.net/item/techno-portfolio-management-panel/20919551 Demo: http://dacy.esy.es/eng/...
Techno Portfolio Management Panel - 'id' SQL Injection
Exploit Title: Techno - Portfolio Management Panel 1.0 - SQL Injection Dork: N/A Date: 02.12.2017 Vendor Homepage: https://codecanyon.net/user/engtechno Software Link: https://codecanyon.net/item/techno-portfolio-management-panel/20919551 Demo: http://dacy.esy.es/eng/ Version: 1.0 Category: Webap...
techno-science.ca XSS vulnerability
Vulnerable URL: http://techno-science.ca/en/collection-research/collection-item.php?id=...
techno-co.pw Open Redirect vulnerability
Open Bug Bounty ID: OBB-209260 Description| Value ---|--- Affected Website:| techno-co.pw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
industrie-techno.com XSS vulnerability
Vulnerable URL: http://www.industrie-techno.com/recherche/%3Cscript%3Ealert'OPENBUGBOUNTY'%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:18 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
webmail.techno-path.com XSS vulnerability
Vulnerable URL: http://webmail.techno-path.com/-....--..1409474603/webmail/?color=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
Techno Project Japan Enisys Gw Arbitrary Code Execution Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A security vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to write to arbitrary files and execute arbitrary code...
Techno Project Japan Enisys Gw SQL Injection Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A SQL injection vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to submit specially crafted SQL queries or obtain database data...
Techno Project Japan Enisys Gw Cross-Site Scripting Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A cross-site scripting vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to inject malicious script or HTML code that, when viewed with malicious data,...