85 matches found
Arbitrary File Download Vulnerability in SeaCMS Backend
Ocean CMS SeaCMS, Ocean Movie Management System is a video-on-demand system designed for webmasters with different needs. SeaCMS suffers from an SQL injection vulnerability. An attacker can exploit the vulnerability to download arbitrary files...
appcms V2.0 has an arbitrary file read vulnerability
appcms is a professional APP content management system that provides various extension modules, such as information, recommended positions, topics, friendly links, body internal links, etc., to help webmasters better personalize their websites. appcms V2.0 has an arbitrary file reading...
Ocean CMS suffers from SQL injection vulnerability (CNVD-2021-05518)
Ocean CMS is a video-on-demand system designed for webmasters with different needs. Ocean CMS suffers from an SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...
Command Execution Vulnerability in Ocean CMS (CNVD-2020-69473)
Ocean CMS seacms, Ocean Video Management System is a video-on-demand system designed for webmasters with different needs. A command execution vulnerability exists in Ocean CMS. An attacker can exploit this vulnerability to write malicious code, execute system commands, and obtain system privilege...
Malicious PHP Script Infects 2,400 Websites in the Past Week
A botnet dubbed Brain Food is giving webmasters indigestion with related attacks that push bogus diet pills and IQ-boosting pills via web pages hosted on legitimate sites. So far, spammers have been successful, thanks to an effective Hypertext Preprocessor PHP script also called Brain Food that h...
webmasters.com XSS vulnerability
Open Bug Bounty ID: OBB-598336 Description| Value ---|--- Affected Website:| webmasters.com Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until disclosure Disclosure Standard:| Coordinated Disclosure based on ISO 2914...
secure.webmasters.com XSS vulnerability
Open Bug Bounty ID: OBB-597072 Description| Value ---|--- Affected Website:| secure.webmasters.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
webmasters.com XSS vulnerability
Open Bug Bounty ID: OBB-528180 Description| Value ---|--- Affected Website:| webmasters.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
FS Indiamart Clone - 'keywords' SQL Injection
Exploit Title: FS Indiamart Clone - SQL Injection Date: 2017-10-23 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/indiamart-clone/ Version: 23 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...
BackdoorMan - Toolkit That Helps You Find Malicious, Hidden And Suspicious PHP Scripts And Shells
A Python open source toolkit that helps you find malicious, hidden and suspicious PHP scripts and shells in a chosen destination, it automates the process of detecting the above. Purpose The main purpose of BackdoorMan is to help web-masters and developers to discover malicious scripts in their...
[SECURITY] Fedora 25 Update: mingw-libwebp-0.5.1-2.fc25
WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...
[SECURITY] Fedora 24 Update: mingw-libwebp-0.5.1-2.fc24
WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...
Google Shares Android Nougat, Safe Browsing Security Enhancements
Google this week shared with developers security enhancements it has added to the new Nougat version of Android and additional security features for webmasters via Safe Browsing to help pinpoint harmful content on websites. Under the banner of its nine-year-long Safe Browsing initiative, Google...
Critical Flaws in Magento leave Millions of E-Commerce Sites at Risk
If you are using Magento to run your e-commerce website, it's time for you to update the CMS content management system now. Millions of online merchants are at risk of hijacking attacks due to a number of critical cross-site scripting XSS vulnerabilities in the Magento, the most popular e-commerc...
Linux Ransomware targeting Servers and Threatening Webmasters to Pay
Since past few years, Ransomware has emerged as one of the catastrophic malware programs that lets hacker encrypts all the contents of a victim's hard drive or/and server and demands ransom typically to be paid in Bitcoin in exchange for a key to decrypt it. Until now cyber criminals were targeti...
RV Article Publisher CSRF Vulnerability
No description provided by source. Exploit Title: RV Article publisher CSRF Vulnerability Date: 26/08/2012 Author: DaOne @LibyanCA Vendor: http://www.scripts4webmasters.com Greetings to LCA CSRF Add Admin html body onload=document.form0.submit; form method=POST name=form0...
Adult Webmaster Script Password Disclosure Vulnerability
No description provided by source. Exploit Title: Yagina.com Adult Webmaster Script Admin Password Disclosure Category:webapps Description software : software website for webmasters promoting adult companies through referrals Date: 21-1-2013 Exploit Author: Dshellnoi Unix Vendor Homepage:...
Top Sites Script SQL Injection Vulnerability
No description provided by source. 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Top Sites SQL Vulnerable Vendor url:http://getaphpsite.com Version:...
Qi Bo cms back-end database tool at the filter is not strictly the actuator can be written in a word-vulnerability and early warning-the black bar safety net
If your account password is leaked then you're in danger. in the background can directly get a webshell The background for the convenience of webmasters to have a database tool where the implementation Select '%execute request"value"%' into outfile 'F:/wwwroot/shiyanshi/cache/1.asp'; Just write t...
Mozilla Drops Second Beta of Persona Privacy System
Mozilla has pushed out the second beta version of its Persona authentication system . The move is the latest step in the company’s campaign to rid the Web of passwords and make it easier for consumers to log on to sites regardless of the browser they’re using. The goal of Persona is that it will...