75 matches found
Hashtopussy Cross-Site Scripting Vulnerability
Hashtopussy is a cross-platform client-server tool for distributing hash table tasks between multiple computers, featuring portability, stability and multi-user support. A cross-site scripting vulnerability exists in Hashtopussy version 0.4.0. A remote attacker can exploit this vulnerability with...
Synology DiskStation Manager (DSM) Encryption Mechanism Bypass Vulnerability
Synology DiskStation Manager is an operating system for use on networked storage servers NAS. A security vulnerability in Synology DiskStation Manager SYNO.API.Encryption allows remote attackers to bypass the encryption protection mechanism by submitting a special 'version' parameter request...
CVE-2017-9553
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...
CVE-2017-9553
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...
Design/Logic Flaw
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter...
PT-2017-19013 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.1.3-15152 Description: A design flaw in SYNO.API.Encryption allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter. Recommendations: For...
CVE-2016-7780
SQL injection vulnerability in cron/findhelp.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter...
CVE-2016-9020
SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter...
CVE-2016-7780
SQL injection vulnerability in cron/findhelp.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter...
OIC Exponent CMS SQL Injection Vulnerability (CNVD-2016-10701)
OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from the American OIC Group of companies. The system supports direct editing in the page, and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability...
CVE-2015-5076
Multiple cross-site scripting XSS vulnerabilities in X2Engine X2CRM before 5.0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 version parameter in protected/views/admin/formEditor.php; the 2 importId parameter in protected/views/admin/rollbackImport.php; the 3 bc, 4 fg,...
Traq 2.2 - Multiple SQL Injections Cross-Site Scripting
Traq 2.2 - Multiple SQL Injections Cross-Site Scripting source: https://www.securityfocus.com/bid/49835/info Traq is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow...
CVE-2011-1703
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url...
Heap overflow
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url...
PT-2009-2990 · Unknown · Free Bible Search Php Script
Name of the Vulnerable Software and Affected Versions: Free Bible Search PHP Script version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the version parameter in the readbible.php file. Recommendations: For Free Bible Search PHP Script...