312 matches found
city-sleeping.de XSS vulnerability
Vulnerable URL: http://www.city-sleeping.de/contact.php?la="
Details:

Description| Value
---|---
Patched:| Yes, at 21.11.2017
Latest check for patch:| 21.11.2017 19:00 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0

VI...
superstories.be XSS vulnerability
Open Bug Bounty ID: OBB-51061

Description| Value
---|---
Affected Website:| superstories.be
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide:| OWASP XSS Prevention Cheat...
VBZooM Forum 1.11 contact.php UserID Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16956/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issue...
Mambo Site Server 4.0.14 contact.php Unauthorized Mail Relay
No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...
ATutor 1.4.3 contact.php subject Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...
Mambo Site Server 4.0.14 emailarticle.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...
Free File Hosting System 1.1 contact.php AD_BODY_TEMP Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...
miniCWB <= 1.0.0 (contact.php) Local File Include Exploit
No description provided by source.
Portal Web Services CRLF Injection / XSS
Exploit Title: Portal Web Services Cms CRLF injection + Cross Site Scripting Vulnerability + Exploit Author: Ashiyane Digital Security Team + Home : www.Ashiyane.org + Vendor Homepage: www.portalwebservices.com + Tested on: Windows 7 + Dork: intext:"Powered By : Portal Web Services"...
ITHorizon SQL Injection
Exploit Title: ITHorizon lang SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : Powered by ITHorizon Script Page : http://www.ithorizon.net/ Exploit http://127.0.0.1/PATH/contact.php?lang=1' SQL http://127.0.0.1/PATH/contact.php?lang=1 union select...
ITHorizon (lang) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ITHorizon lang SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : Powered by ITHorizon Script Page : http://www.ithorizon.net/ Exploit http://127.0.0.1/PATH/contact.php?lang=1' SQL...
BlueFire Creative SQL Injection
By : CR9 Greetz : Perspicacious Hackers In The World . ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : BlueFire Creative SQL Injection Vulnerability Vendor : http://bluefirecreative.com Author : CR9 Home : Http://Nopotm.ir Archive : Http://Nopotm.ir/forums Email :...
CVE-2010-4500
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) subject, and (4) message parameters in a sendmess action. NOTE: the provenance of this...
SQL injection
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) subject, and (4) message parameters in a sendmess action. NOTE: the provenance of this...
SQL injection
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) email parameters in a showtickets action...
CVE-2010-4363
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) email parameters in a showtickets action...
CVE-2010-4363
The CVE-2010-4363 entry concerns MRCGIGUY (MCG) FreeTicket 1.0.0. The vulnerability is a SQL injection in contact.php exposed via the showtickets action, exploitable through the id and email parameters when magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary SQL comman...
SQL injection
SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942...
CVE-2010-2133
SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942...
CVE-2010-2133
The provided documents establish a concrete SQL injection vulnerability in My Little Forum related to contact.php via the id parameter (a vector different from CVE-2007-2942). Affected software is My Little Forum, with reference to user.php in 1.7 and earlier for the related CVE-2007-2942. The ro...