Web App Vulnerabilities

1. Introduction 2. Technical Explanation The vulnerability stems from unsanitized user input passed to the ‘wizard/url.php’ script which is then...

1. Introduction The php-Charts wizard/index.php PHP Execution vulnerability allows attackers to run arbitrary code on servers running the affected application....

1. Introduction phpCOIN version 1.2.2 and older is vulnerable to multiple SQL injection attacks. This means an attacker could potentially...

1. Introduction The PHP-Fusion forum/viewthread.php highlight Parameter XSS vulnerability is a cross-site scripting flaw in the PHP-Fusion web application. This...

1. Introduction PhpGedView Detection identifies instances of the PhpGedView genealogy program running on web servers. This is a potential information...

1. Introduction phpGraphy EXIF Data XSS is a cross-site scripting vulnerability in the phpGraphy web application. This allows an attacker...

1. Introduction PHPinfo Information Disclosure occurs when a PHP file containing the ‘phpinfo()’ function is accessible on a web server....

1. Introduction phpMoAdmin Detection identifies instances of phpMoAdmin, a web application used for managing MongoDB databases, running on your systems....

1. Introduction Piwik core/Loader.php contains a backdoor that allows remote attackers to execute arbitrary PHP code with the privileges of...

1. Introduction Piwik Detection identifies instances of the Piwik web analytics tool running on a remote server. Piwik, now known...