White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the control_task.php, control_project.php, default_user.php files failing to filter the sort parameter. Remote attackers can exploit the vulnerability to obtain database...
White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability. The if_get_addbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site. Date...
White Shark System (WSS) 1.3.2 has an unauthorized access vulnerability in default_user_edit.php, remote attackers can exploit this vulnerability to escalate to admin privileges. Date published : 2021-06-21 https://github.com/itodaro/WhiteSharkSystem_cve
White Shark System (WSS) 1.3.2 has web site physical path leakage vulnerability. Date published : 2021-06-21 https://github.com/itodaro/WhiteSharkSystem_cve
White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the log_edit.php files failing to filter the csa_to_user parameter, remote attackers can exploit the vulnerability to obtain database sensitive information....
White Shark System (WSS) 1.3.2 is vulnerable to CSRF. Attackers can use the user_edit_password.php file to modify the user password. Date published : 2021-06-21 https://github.com/itodaro/WhiteSharkSystem_cve
Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes, Date published : 2021-06-21 http://blog.topsec.com.cn/typesetter-5-1-storage-type-cross-site-script/ http://www.typesettercms.com
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php. Date published : 2021-06-21 http://blog.topsec.com.cn/textpattern-background-any-file-upload/
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a...
White Shark System (WSS) 1.3.2 is vulnerable to sensitive information disclosure via default_task_add.php, remote attackers can exploit the vulnerability to create a task. Date published : 2021-06-20 https://github.com/itodaro/WhiteSharkSystem_cve
White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php, remote attackers can modify the password of any user. Date published : 2021-06-20 https://github.com/itodaro/WhiteSharkSystem_cve
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and...
CheckSec Canopy before 3.5.2 allows XSS attacks against the login page via the LOGIN_PAGE_DISCLAIMER parameter. Date published : 2021-06-18 https://www.checksec.com/canopy.html https://www.compass-security.com/en/research/advisories
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the...