EUVD-2018-2032

Malware in sbrugna...

EUVD-2019-6517

Malware in sbrugna...

MantisBT allows arbitrary password reset

MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirmhash value to verify.php...

CVE-2019-15533

XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php...

Sql injection

XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php...

CVE-2019-15533

XENFCoreSharp (pre-2019-07-16) is affected by CVE-2019-15533: it allows SQL injection in web/verify.php. The connected documents confirm the vulnerable component and input point but do not provide exploit specifics, affected version ranges beyond the date, or remediation details in the supplied s...

CVE-2018-1000841

Zend.To version Prior to 5.15-1 contains a Cross Site Scripting XSS vulnerability in The verify.php page that can result in An attacker could execute arbitrary Javascript code in the context of the victim's browser.. This attack appear to be exploitable via HTTP POST request. This vulnerability...

PT-2017-17844 · Mantisbt · Mantisbt

Name of the Vulnerable Software and Affected Versions: MantisBT versions prior to 2.3.1 Description: The issue allows for arbitrary password reset and unauthenticated admin access. This is achieved by providing an empty confirm hash value to the "verify.php" endpoint. Recommendations: For version...

Fluger Edit 2 Blind SQL Injection / Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ===================================================== Vulnerable Software: Fluger Edit v.2 || administration software Vendor: http://www.fluger.com/ Software License: Commercial Vulnerabilities: Blind SQL Injection And XSS Tested: In Wild...

Sql injection

Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the 1 answer parameter to admincp/verify.php, 2 extension parameter in an edit action to admincp/attachmentpermission.php, and the 3 iperm parameter to...

RSMScript 1.21 XSS/Insecure Cookie Handling Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== RSMScript 1.21 XSS/Insecure Cookie Handling Vulnerabilities =========================================================== START 0x01 Informations: Script : RSMScript 1.21 Download :...

RSMScript 1.21 XSS/Insecure Cookie Handling Vulnerabilities

No description provided by source. START 0x01 Informations: Script : RSMScript 1.21 Download : http://www.hotscripts.com/jump.php?listingid=78547&jumptype=1 Vulnerability : Insecure Cookie Handling / XXS Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org Notes : Proud to be...

RSMScript 1.21 - Cross-Site Scripting / Insecure Cookie Handling

START 0x01 Informations: Script : RSMScript 1.21 Download : http://www.hotscripts.com/jump.php?listingid=78547&jumptype=1 Vulnerability : Insecure Cookie Handling / XXS Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org Notes : Proud to be Italian Greets: : XaDoS, x0r, emgent...

CVE-2007-3918

CVE-2007-3918 describes a cross-site scripting (XSS) vulnerability in GForge 4.6b2, specifically in account/verify.php via the confirm_hash parameter. An unauthenticated attacker could cause arbitrary HTML/script to be executed in a user’s browser. Public references from Debian DSA-1383-1 indicat...

CVE-2006-6667

CVE-2006-6667: Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL via nick_mod or nick to repass.php or verify.php. The NVD entry lists a CVSSv2 base score of 7.5 (HIGH, NETWORK, LOW complexity, no auth). Connected records corrobor...

CVE-2005-4449

verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, th...

CVE-2005-4449

The CVE-2005-4449 entry concerns verify.php in FlatNuke 2.5.6 , where remote authenticated administrators can modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting code via the body parameter. This describes a privilege-elevation-like issue within an authenti...

CVE-2005-4449

verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, th...