what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 3 of 3

Files from Calvin Phang

flatCore CMS XSS / File Disclosure / SQL Injection

Posted Jan 13, 2021

Authored by Calvin Phang, Yew Chung Cheah | Site sec-consult.com

flatCore CMS versions prior to 2.0.0 build 139 suffer from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection

advisories | CVE-2021-23835, CVE-2021-23836, CVE-2021-23837, CVE-2021-23838

MD5 | 1fa6af99aeb588403f58ee25830613f4

Download | Favorite | View

SevOne Network Management System 5.7.2.22 SQL Injection / Command Injection

Posted Oct 2, 2020

Authored by Calvin Phang | Site sec-consult.com

SevOne Network Management System version 5.7.2.22 suffers from command injection, CSV formula injection, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection

MD5 | a1985e5482a5458f4280f73901a09840

Download | Favorite | View

WonderCMS 3.1.0 XSS / Directory Traversal / File Upload

Posted Jul 17, 2020

Authored by Calvin Phang | Site sec-consult.com

WonderCMS versions 3.1.0 and below suffer from directory traversal, persistent cross site scripting, and file upload vulnerabilities.

tags | advisory, vulnerability, xss, file upload

MD5 | c87a3407d183c31bf41f5245e885cf76

Download | Favorite | View