161 matches found
PT-2020-9930 · Eclipse · Eclipse Web Tools Platform
Name of the Vulnerable Software and Affected Versions: Eclipse Web Tools Platform versions prior to 3.18 2020-06 Description: The issue allows XML and DTD files referring to external entities to be exploited, sending the contents of local files to a remote server when edited or validated. This ca...
DEBIAN-CVE-2018-14505
mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py...
CVE-2016-5756
NetIQ Access Manager is affected by CVE-2016-5756: multiple web tools components are vulnerable to Reflected Cross-Site Scripting, enabling potential session hijack. Vulnerable in NAM 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2; affected endpoints include nps/servlet/frameservice, nps/servlet...
Turnkey Web Tools PHP Live Helper 1.8 Remote File Inclusion (CVE-2006-1477)
A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability
No description provided by source. GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for...
php live helper <= 2.0.1 - Multiple Vulnerabilities
No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...
Academic Web Tools CMS <= 1.4.2.8 - Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Academic Web Tools CMS Multiple Vulnerabilities Vendor: www.yektaweb.com Vulnerable Version: 1.4.2.8 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: www.bugreport.ir/?/44 1...
Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in t...
PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion...
Turnkey Web Tools PHP Simple Shop abs-path Parameter PHP Code Execution - Ver2 (CVE-2006-4052)
A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Simple Shop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHPLiveHelper global.php abs_path Parameter PHP Code Execution - Ver2 (CVE-2006-4051)
A code execution vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pwn Pad Android device, Network hacking machine launched
Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad. The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad wi...
Pwn Pad Android device, Network hacking machine launched
Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad. The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad wi...
SchoolCenter Web Tools 11.0.27 Cross Site Scripting
Exploit Title: SchoolCenter Web Tools Version 11.0.27 Cross Site Scripting Date: 11.04.2012 Author: Sony and Flexxpoint Software Link: www.thinqed.com Google Dorks: inurl:/education/components/calendar/ site:edu Web Browser : Mozilla Firefox Site : http://insecurity.ro PoC:...
Yektaweb CMS Cross Site Scripting
================= IUT-CERT ================= Title: YEKTAWEB CMS XSS Vulnerability Vendor: www.yektaweb.com Dork: Powered by Academic Web Tools AWT - Yektaweb Collection Type: Input.Validation.Vulnerability cross-Site scripting Fix: N/A ================== nsec.ir ================= Description:...
TEHTRI-Security released 13 0days against web tools used by evil attackers
Gents, As announced in recent emails here, we have just released 13 0days and new offensive concepts against most of the tools currently used by web attackers, like web shells, exploit packs, etc, during our new talk at SyScan Singapore 2010 : http://www.syscan.org/Sg/speakers.html012 We have giv...
Yektaweb Academic Web Tools CMS 1.4.2.81.5.7 - Multiple Cross-Site Scripting Vulnerabilities
Yektaweb Academic Web Tools CMS 1.4.2.81.5.7 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...
Academic Web Tools CMS Cross Site Scripting
============================================ IUT-CERT ============================================ Title: Academic Web Tools CMS Multiple XSS Vendor: www.yektaweb.com Vulnerable Version: 1.5.7 and priors Type: XSS Fix: N/A Dork: AWT YEKTA ============================================ nsec.ir...
YEKTA WEB Academic Web Tools CMS Multiple XSS
============================================ IUT-CERT ============================================ Title: Academic Web Tools CMS Multiple XSS Vendor: www.yektaweb.com Vulnerable Version: 1.5.7 and priors Type: XSS Fix: N/A Dork: AWT YEKTA ============================================ nsec.ir...
Yektaweb Academic Web Tools CMS 1.4.2.8/1.5.7 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/33944/info Yektaweb Academic Web Tools CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site,...