PBBoard 2.1.4 SQL Injection
PBBoard version 2.1.4 suffers from multiple remote SQL injection vulnerabilities.
View ArticleSimple Web Content Management System 1.1 SQL Injection
Simple Web Content Management System version 1.1 suffers from multiple remote SQL injection vulnerabilities. Most of these issues were already priorly discovered in early 2011 by John Leitch for...
View ArticlephpAccounts 0.5.3 SQL Injection
phpAccounts version 0.5.3 suffers from a remote SQL injection vulnerability.
View ArticleMailTraq 2.17.3.3150 Cross Site Scripting
MailTraq version 2.17.3.3150 suffers from a stored cross site scripting vulnerability.
View ArticleAfterLogic Mailsuite Pro 6.3 Cross Site Scripting
AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.
View ArticleMailEnable Enterprise 6.5 Cross Site Scripting
MailEnable Enterprise version 6.5 suffers from a stored cross site scripting vulnerability.
View ArticleESCON SupportPortal Pro 3.0 Cross Site Scripting
ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.
View ArticleEmailArchitect Enterprise Email Server 10.0 Cross Site Scripting
EmailArchitect Enterprise Email Server version 10.0 suffers from a stored cross site scripting vulnerability.
View ArticleAxigen Mail Server 8.0.1 Cross Site Scripting
Axigen Mail Server version 8.0.1 suffers from a stored cross site scripting vulnerability.
View ArticleCyclope Employee Surveillance Solution 6.0 SQL Injection
Cyclope Employee Surveillance Solution version 6.0 suffers from a remote SQL injection vulnerability.
View ArticleSpytech NetVizor 6.1 Denial Of Service
Spytech NetVizor version 6.1 suffers from a denial of service vulnerability.
View ArticleCyclope Employee Surveillance Solution 6 SQL Injection
This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user...
View ArticleCyclope Employee Surveillance Solution 6.0 LFI / SQL Injection
Cyclope Employee Surveillance Solution version 6.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
View ArticleSphpforum 0.4 Cross Site Scripting / SQL Injection
Sphpforum version 0.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
View ArticleClipbucket 2.5 Blind SQL Injection
Clipbucket version 2.5 suffers from a remote blind SQL injection vulnerability.
View ArticleClipbucket 2.5 Directory Traversal
Clipbucket version 2.5 suffers from a directory traversal vulnerability.
View Articleop5 Monitoring 5.4.2 XSS / CSRF / SQL Injection
op5 Monitoring version 5.4.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
View ArticleqdPM 7 Arbitrary PHP File Upload
This Metasploit module exploits a vulnerability found in qdPM - a web-based project management software. The user profile's photo upload feature can be abused to upload any arbitrary file onto the...
View ArticleWeb Help Desk 11.0.7 Cross Site Scripting
Web Help Desk version 11.0.7 suffers from a stored cross site scripting vulnerability.
View ArticleWeBid 1.0.5 Directory Traversal
WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.
View ArticlePHP Server Monitor Cross Site Scripting
PHP Server Monitor version 2.0.1 suffers from a stored cross site scripting vulnerability.
View ArticleeM Client 5.0.18025.0 Cross Site Scripting
eM Client e-mail client version 5.0.18025.0 suffers from a stored cross site scripting vulnerability.
View ArticleCyclope Employee Surveillance 8.6.1 Insecure File Permissions
Cyclope Employee Surveillance versions 8.6.1 and below suffer from a multiple of insecure file permission vulnerabilities.
View ArticlePi-Hole 2.8.1 Cross Site Scripting
Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.
View Article