8 matches found
CVE-2024-40524
CVE-2024-40524 describes a Directory Traversal in xmind2testcase v1.5 that allows a remote attacker to execute arbitrary code through the webtool\application.py component. The root cause is improper handling/validation in application.py enabling traversal to sensitive paths. Affected software: xm...
Absolute Form Processor XE-V 1.5 - Remote Change Pasword Exploit
No description provided by source. title Absolute Form Processor XE-V 1.5 Remote Change Pasword /title body bgcolor=FFFFFF text=000000 form name=form1 method=post action=http://www.xigla.com/absolutefp/demo/edituser.asp table width=96% border=0 cellspacing=2 cellpadding=2 align=center tr...
White Label CMS v 1.5 CSRF / Persistent XSS
CVE : CVE-2012-5387 CSRF, CVE-2012-5388 XSS Exploit Title: White Label CMS v 1.5 CSRF w/ persistent XSS Date: 21/10/2012 Exploit Author: pcsjj Vendor Homepage: http://www.videousermanuals.com/white-label-cms/ Version: 1.5 Software Link: http://plugins.svn.wordpress.org/white-label-cms/branches/...
Absolute Form Processor XE-V 1.5 Password Changer
Absolute Form Processor XE-V 1.5 Remote Change Pasword Home:http://www.xigla.com E-mail : Username : Password : input type="password" name="pwd" size="40" value...
Absolute Form Processor XE-V 1.5 - Remote Change Password
Absolute Form Processor XE-V 1.5 Remote Change Pasword Home:http://www.xigla.com E-mail : Username : Password : td wid...
Absolute Form Processor XE-V 1.5 (Auth Bypass) SQL Injection Vuln
Exploit for asp platform in category web applications ================================================================= Absolute Form Processor XE-V 1.5 Auth Bypass SQL Injection Vuln =================================================================...
Absolute Form Processor SQL Injection
----------------------------------------------------- ----------------------------------------------------- Absolute Form Processor XE-V 1.5 auth Bypass Remote Sql Injecion ----------------------------------------------------- Founder: ThE g0bL!NDz Home: www.h4ckf0ru.com Vive Algerie demo :...
DGNews v 1.5 File Upload Vuln.
DGNews v 1.5 File Upload Vuln. Vuln. discovered by : r0t Date: 29 may 2006 vendor:www.diangemilang.com/dgscripts.php affected versions:v 1.5 and prior orginal advisory: http://pridels.blogspot.com/2006/05/dgnews-v-15-file-upload-vuln.html Vuln. Description: It is possible to upload arbitrary file...