Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2017-17937

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search.

Attacker Value

Unknown

CVE-2017-17936

Disclosure Date: December 28, 2017 (last updated November 26, 2024)

Vanguard Marketplace Digital Products PHP has CSRF via /search.

Attacker Value

Unknown

CVE-2017-17874

Disclosure Date: December 27, 2017 (last updated November 26, 2024)

Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI.

Attacker Value

Unknown

CVE-2017-17873

Disclosure Date: December 27, 2017 (last updated November 26, 2024)

Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2017-17937

Unknown

CVE-2017-17936

Unknown

CVE-2017-17874

Unknown

CVE-2017-17873

Quick Cookie Notification