21 matches found
EUVD-2018-21640
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...
EUVD-2018-21639
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can craft HTML forms targeting the /kim/profile endpoint with hidden fields containing malicious user...
CVE-2018-25186
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can craft HTML forms targeting the /kim/profile endpoint with hidden fields containing malicious user...
CVE-2018-25187 Tina4 Stack 1.0.3 SQL Injection and Database File Download
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...
CVE-2018-25187
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the men...
CVE-2018-25186
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can craft HTML forms targeting the /kim/profile endpoint with hidden fields containing malicious user...
CVE-2018-25186 Tina4 Stack 1.0.3 Cross-Site Request Forgery via profile
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can craft HTML forms targeting the /kim/profile endpoint with hidden fields containing malicious user...
CVE-2018-25186 Tina4 Stack 1.0.3 Cross-Site Request Forgery via profile
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can craft HTML forms targeting the /kim/profile endpoint with hidden fields containing malicious user...
CVE-2018-25186
CVE-2018-25186 affects Tina4 Stack 1.0.3 and describes a cross-site request forgery on the /kim/profile endpoint that lets attackers modify administrator credentials via forged POST requests without authentication. The vulnerability enables unauthorized modification of admin user data (e.g., pass...
PT-2026-23697
Name of the Vulnerable Software and Affected Versions Tina4 Stack version 1.0.3 Description Tina4 Stack version 1.0.3 has multiple issues that allow unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database...
PT-2026-23696
Name of the Vulnerable Software and Affected Versions Tina4 Stack version 1.0.3 Description The software contains a cross-site request forgery issue that enables attackers to alter admin user credentials. This is achieved by submitting crafted POST requests to the /kim/profile endpoint. Attackers...
Tina4 Stack 跨站请求伪造漏洞
Tina4 Stack is a collection of full-site development frameworks provided by Tina4 Corporation. Version 1.0.3 of Tina4 Stack contains a cross-site request forgeing vulnerability. This vulnerability stems from a cross-site request forgeing issue with the profile endpoint, which may allow attackers ...
Tina4 Stack SQL注入漏洞
Tina4 Stack is a collection of full-stack development frameworks provided by Tina4 Corporation. Version 1.0.3 of Tina4 Stack contains an SQL injection vulnerability. This vulnerability stems from allowing direct access to database files and SQL injections, which may enable unverified attackers to...
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version:...
Tina4 Stack 1.0.3 - SQL Injection / Database File Download Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version:...
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Exploit Title: Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link:...
Tina4 Stack 1.0.3 - SQL Injection Database File Download
Tina4 Stack 1.0.3 - SQL Injection Database File Download Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link:...
Tina4 Stack 1.0.3 Cross Site Request Forgery
Exploit Title: Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps...
Tina4 Stack 1.0.3 SQL Injection
Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...