[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 251081 Download | Alert*

PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, or Address field.

An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.

A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.

An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/AuthManager/addToGroup.html that can endow administrator privileges.

An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/User/add.html that can add a user.

AuraCMS 2.3 allows XSS via a Bukutamu -> AddGuestbook action.

An issue was discovered in Juunan06 eCommerce through 2018-08-05. There is a CSRF vulnerability in ee/eBoutique/app/template/includes/crudTreatment.php that can add new users and add products.

BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf.

BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately restrict access: a normal user is able to access the SVFE2/pages/finadmin/currconvrate/currconvrate.jsf functionality that should be only accessible to an admin.

BPC SmartVista 2 has Session Fixation via the JSESSIONID parameter.


Pages:      Start    10978    10979    10980    10981    10982    10983    10984    10985    10986    10987    10988    10989    10990    10991    ..   25108

© SecPod Technologies