227 matches found
CVE-2021-39413
Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...
PT-2021-22582 · Seo Panel · Seo Panel
Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: Multiple Cross Site Scripting XSS vulnerabilities exist in SEO Panel via several parameters in various PHP files. The affected parameters include to time in files such as backlinks.php, analytics.php, and...
58Town Webmaster App for Android has a logic flaw vulnerability
58Town Webmaster APP is a webmaster tool developed and launched for webmasters in 58Town. 58Town Webmaster APP Android version has a logic flaw vulnerability that can be exploited by attackers to cause sensitive data leakage...
zzcms elevation of privilege vulnerability
ZZCMS is the content management system of Webmaster Merchants. An elevation of privilege vulnerability exists in /user/adv.php in zzcms version 201910. An attacker can exploit this vulnerability to modify data, which can be used to launch further attacks...
SEO Panel Cross-Site Scripting Vulnerability (CNVD-2021-23383)
SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. The vulnerability can be exploited to inject JavaScript via the totime parameter in webmaster-tools.php...
SEO Panel 跨站脚本漏洞
SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. The vulnerability can be exploited to inject JavaScript via the totime parameter in webmaster-tools.php...
CVE-2021-29008
A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "totime" parameter...
PT-2021-18021 · Seo Panel · Seo Panel
Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: A cross-site scripting issue allows remote attackers to inject JavaScript code. The issue is exploited via the "webmaster-tools.php" endpoint, specifically through the to time parameter. Recommendations: F...
Vientiane Webmaster 2008 Plus suffers from dll hijacking vulnerability
Vientiane Webmaster is a management tool created by Vientiane for Internet cafe owners. Vientiane Webmaster 2008 Enhanced Edition suffers from a dll hijacking vulnerability, which can be exploited by attackers to load untrusted dlls for command execution...
“Biggest webmaster forum” Digital Point exposes trove of user data
By Zara Khan Digital Point exposed the data on a misconfigured Elasticsearch database. This is a post from HackRead.com Read the original post: "Biggest webmaster forum" Digital Point exposes trove of user data...
Clarifying the Computer Fraud and Abuse Act
A federal court has ruled that violating a website's terms of service is not "hacking" under the Computer Fraud and Abuse Act. The plaintiffs wanted to investigate possible racial discrimination in online job markets by creating accounts for fake employers and job seekers. Leading job sites have...
CloudBees Jenkins Cross-Site Request Forgery Vulnerability (CNVD-2020-10430)
CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Amazon EC2 Plugin is used in which an EC2 connection agen...
File Upload Vulnerability in Liangjing Mall Online Shop Shopping System
Liangjing Mall online store shopping system is a set of multi-functional online store system that can fit different types of commodities, super flexible, three-tier distribution PC+mobile+micro-site, which provides a complete online store solution. A file upload vulnerability exists in Liangjing...
File Upload Vulnerability in Mcms
Mcms is a web site building system of MINGFEI TECHNOLOGY CO. Mcms suffers from a file upload vulnerability that can be exploited by an attacker to gain webmaster privileges...
Code Execution Vulnerability in Online Titanium Article Management System (OTCMS)
Nettitanium technology is committed to article management system, article news CMS, webmaster tools class of research and development, Nettitanium article management system station adopts mainstream DIV + CSS framework layout, applicable to the news release type of website, but also applies to...
File upload vulnerability in 5iSNS content payment system
5iSNS Labs is dedicated to providing a source code for webmasters, with a new version of the system, covering features such as libraries and posts. A file upload vulnerability exists in the 5iSNS content payment system, which can be exploited by an attacker to obtain webmaster privileges...
CheerWeb has a file upload vulnerability
CheerWeb is a general-purpose website system designed with PHP+MySQL architecture, which is simple, lightweight, practical, free and shared. CheerWeb suffers from a file upload vulnerability, which can be exploited by an attacker to upload arbitrary files and gain webmaster privileges...
FeiFeiCms has xss vulnerability
FeiFeiCms is a PHP movie program. FeiFeiCms suffers from an XSS vulnerability that can be exploited by attackers to obtain webmaster cookies...
Linux kernel input validation error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An input validation error vulnerability exists in the 'wcd9335codecenabledec' function in the sound/soc/codecs/wcd9335.c file in Linux kernel 5.1.5 and earlier. The...
Android Resource Management Error Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A resource management error vulnerability exists in the tearDownClientInterface of the WificondControl.java file in Android versions 8.0, 8.1 and 9. The vulnerability stems from the mismanagement...