CVE-2018-18406
An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a...
SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hotels h_room_type parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45509
SQL injection exists in Scriptzee Flippa Marketplace Clone 1.0 via the site-search sortBy or sortDir parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/41674
SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45510
An issue was discovered in e107 v2.1.9. There is an XSS attack on e107_admin/comment.php. Date published : 2019-06-19 https://github.com/Kiss-sh0t/e107_v2.1.9_XSS_poc https://github.com/e107inc/e107/issues/3414
SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via the id parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45524
SQL Injection exists in the AMGallery 1.2.3 component for Joomla! via the filter_category_id parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45451
SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/Patient/patientdetails.php. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/46148
CSRF exists in server.php in Live Call Support Application 1.5 for adding an admin account. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/46140
SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the email or password parameter to login_check.php, or the id parameter to add_email.php or edit_content.php. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/46139
CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/42648
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45452
SQL Injection exists in the Dutch Auction Factory 2.0.2 component for Joomla! via the filter_order_Dir or filter_order parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45462
SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter. Date published : 2019-06-19 https://www.exploit-db.com/author/?a=8844 https://www.exploit-db.com/exploits/45456