ej3 topo 2.2.178 vulnerabilities and exploits

(subscribe to this query)

NA

Direct static code injection vulnerability in code/class_db_text.php in EJ3 TOPo 2.2.178 and previous versions allows remote malicious users to execute arbitrary PHP code via parameters such as (1) descripcion and (2) pais, which are stored directly in a PHP script. NOTE: the pro...

Ej3 Topo 2.2 Ej3 Topo 2.2.178

NA

Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote malicious users to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email field in the comments secti...

Ej3 Topo 2.2 Ej3 Topo 2.2.178

1 EDB exploit

NA

TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote malicious users to obtain sensitive information such as client IP addresses.

Ej3 Topo 2.2 Ej3 Topo 2.2.178

NA

EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to index.php, which allows context-dependent malicious users to obtain entry passwords via log files, referrers, or other vectors.

Ej3 Topo 2.2.178

NA

index.php in EJ3 TOPo 2.2.178 allows remote malicious users to overwrite existing entries and establish new passwords for the overwritten entries via a URL with a modified entry ID.

Ej3 Topo 2.2.178

NA

Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo 2.2.178 allows remote malicious users to inject arbitrary web script or HTML via the gTopNombre parameter.

Ej3 Topo 2.2.178

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook