13 matches found

OSV
added 2025/06/06 7:15 a.m., 2 views

CVE-2025-4966

The WP Online Users Stats plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation within the hkdatasetresults function. This makes it possible for unauthenticated attackers to inject malicious web script...

6.1 CVSS, 5.7 AI score
Exploits: 0, References: 3

OSV
added 2022/07/05 4:15 p.m., 2 views

CVE-2022-34878

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

8.8 CVSS, 5.9 AI score, 0.56683 EPSS
Exploits: 1, References: 2

NVD
added 2022/07/05 4:15 p.m., 18 views

CVE-2022-34878

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

9 CVSS, 0.56683 EPSS
Exploits: 1, References: 2

Prion
added 2022/07/05 4:15 p.m., 50 views

Sql injection

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

9 CVSS, 8.8 AI score, 0.56683 EPSS
Exploits: 1, References: 2, Affected Software: 1

CVE
added 2022/07/05 3:40 p.m., 74 views

CVE-2022-34878

CVE-2022-34878 affects VICIdial (notably VICIdial 2.14b0.5 and related builds) via an authenticated SQL injection in the /vicidial/user_stats.php file_download parameter. Connected docs confirm concrete exploitation: multiple authenticated SQLi paths and a module exploiting this (e.g., VICIdial M...

9 CVSS, 7.3 AI score, 0.56683 EPSS
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2022/07/05 3:40 p.m., 22 views

CVE-2022-34878 VICIDial 2.14b0.5 SVN 3550 was discovered to contain a SQL injection vulnerability at /vicidial/user_stats.php.

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

5.5 CVSS, 9.1 AI score, 0.56683 EPSS
Exploits: 1, References: 2

CNNVD
added 2022/07/05 12:0 a.m., 2 views

VICIdial SQL injection vulnerability

VICIdial is a software suite from VICIdial, Inc. designed to interact with the Asterisk open source Pbx telephony system as a complete inbound/outbound contact center suite with inbound email support. A SQL injection vulnerability exists in VICIdial versions prior to 2.14b0.5, which stems from a...

9 CVSS, 8.1 AI score, 0.56683 EPSS
Exploits: 1, References: 3

ATTACKERKB
added 2022/06/30 9:7 p.m., 1 views

CVE-2022-34878

SQL Injection vulnerability in User Stats interface /vicidial/userstats.php of VICIdial via the filedownload parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and beco...

9 CVSS, 6 AI score, 0.56683 EPSS
Exploits: 1, References: 4, Affected Software: 1

Jake Archibald's Blog
added 2021/06/11 1:0 a.m., 179 views

Halve the size of images by optimising for high density displays

A long time ago we had monitors of varying resolutions, but once we started to go beyond 1024x768, screens started to get bigger as resolution got bigger. Then full-colour web-capable mobile phones arrived, but the story was the same. They had small screens, but also small resolutions. Then in 20...

6.7 AI score
Exploits: 0

Hacker One
added 2018/09/21 5:44 p.m., 932 views

Chaturbate: No rate limit in stats api token endpoint

Brute force on statsapi endpoint to view stats of an user. Steps To Reproduce: 1. Stats api token can be generated at https://chaturbate.com/statsapi/authtoken/ https://chaturbate.com/statsapi/?username=hackeronetestchat&token=vulnerable I've used my profile and my token to check brute force T...

0.5 AI score
Exploits: 0

Packet Storm
added 2008/04/08 12:0 a.m., 29 views

prozilla-stats.txt

Prozilla Top 100 1.2 Arbitrary Delete Stats Vulnerability. Discovered By: t0pP8uZz & xprog. Discovered On...

7.4 AI score
Exploits: 0

seebug.org
added 2008/04/08 12:0 a.m., 17 views

Prozilla Top 100 v1.2 Arbitrary Delete Stats Vulnerability

No description provided by source. Prozilla Top 100 1.2 Arbitrary Delete Stats Vulnerability. Discovered...

7.1 AI score
Exploits: 0

Exploit DB
added 2008/04/06 12:0 a.m., 29 views

Prozilla Top 100 1.2 - Arbitrary Delete Stats

Prozilla Top 100 1.2 Arbitrary Delete Stats Vulnerability. Discovered By: t0pP8uZz & xprog. Discovered On...

7.4 AI score
Exploits: 0