27 matches found
CVE-2018-18912
An issue was discovered in Easy File Sharing EFS Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code...
SimpleBB 4.2 Shell Upload
SimpleBB 4.2 + All ver upload Vulnerability ========================================== Author : indoushka Vondor : http://themeforest.net/item/simple-bulletin-board/58838?ref=themac Dork : SBB V4.2 ========================= 1 register in forum 2 Creat a new topic 3 Attachment a php file to downol...
portalapp 4.0 (sql/xss/auth bypasses) Multiple Vulnerabilities
No description provided by source. Title: PortalApp 4.0 Multiple vulnerabilities Discovered By: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v3 4t yahoodotcom Tehran - Iran Vendor: http://www.portalapp.com Vulnerable Version: 4.0, prior versions maybe vulnerable Remote Exploit: Yes Dork: Copyright...
Discuz! X3. 1 Background to arbitrary code execution can take shell-vulnerability warning-the black bar safety net
See someone ask Discuz! X3. 1 Background how get shell, download it a look, before someone says HTML generation can take the shell, I yesterday the official website to download the version found, the static file extensions, limiting the htm/html. If the server does not exist parsing vulnerability...
Command School Student Management System - '/sw/add_topic.php' Cross-Site Request Forgery (Topic Creation)
source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...
PortalApp 4.0 - SQL Injection Cross-Site Scripting Authentication Bypass
PortalApp 4.0 - SQL Injection Cross-Site Scripting Authentication Bypass Title: PortalApp 4.0 Multiple vulnerabilities Discovered By: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v3 4t yahoodotcom Tehran - Iran Vendor: http://www.portalapp.com Vulnerable Version: 4.0, prior versions maybe vulnerabl...
PortalApp 4.0 - SQL Injection / Cross-Site Scripting / Authentication Bypass
Title: PortalApp 4.0 Multiple vulnerabilities Discovered By: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v3 4t yahoodotcom Tehran - Iran Vendor: http://www.portalapp.com Vulnerable Version: 4.0, prior versions maybe vulnerable Remote Exploit: Yes Dork: "Copyright @2007 Iatek LLC" Fix: Not Availabl...