CVE-2023-25598

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

CVE-2023-25598

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

Cross site scripting

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

Sql injection

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php...

Cross site scripting

A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...

CVE-2016-10732

ProjectSend formerly cFTP r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?fileid=1, or process-zip-download.php, or adduserform parameters to users-add.php...

slavino.be XSS vulnerability

Open Bug Bounty ID: OBB-659757 Description| Value ---|--- Affected Website:| slavino.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2017-9786

Cross-site scripting XSS vulnerability in ProjectSend formerly cFTP before commit 6c3710430be26feb5371cb0377e5355d6f9a27ca allows remote attackers to inject arbitrary web script or HTML via the Description field in My account Name updated, related to home.php and actions-log.php...

CVE-2017-9786

Cross-site scripting XSS vulnerability in ProjectSend formerly cFTP before commit 6c3710430be26feb5371cb0377e5355d6f9a27ca allows remote attackers to inject arbitrary web script or HTML via the Description field in My account Name updated, related to home.php and actions-log.php...

performanceradiator.com XSS vulnerability

Open Bug Bounty ID: OBB-515307 Description| Value ---|--- Affected Website:| performanceradiator.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:...

tilda.ch XSS vulnerability

Open Bug Bounty ID: OBB-282865 Description| Value ---|--- Affected Website:| tilda.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

twghlffkg.edu.hk XSS vulnerability

Open Bug Bounty ID: OBB-282717 Description| Value ---|--- Affected Website:| twghlffkg.edu.hk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

stmkg.edu.hk XSS vulnerability

Vulnerable URL: http://www.stmkg.edu.hk/home.php?id=1...

hrvatski-plivacki-savez.hr XSS vulnerability

Vulnerable URL: http://www.hrvatski-plivacki-savez.hr/Sadrzaj/Home.php?id=Hom"';-- 〈=Eng Details: Description| Value ---|--- Patched:| No Latest check for patch:| 24.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2380620 VIP website status:| No Check...

aex.ablenetinc.com XSS vulnerability

Vulnerable URL: http://aex.ablenetinc.com/home.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check aex.ablenetinc.com SSL...

Cookie injection vulnerability in mallbuilder frontend v7.3.4 home.php file

MallBuilder is a multi-user online shopping mall solution system based on PHP+MYSQL. mallbuilder v7.3.4 has a SQL injection vulnerability in the foreground home.php, which allows attackers to obtain sensitive database information using common SQL injection tools...

cogindo.co.id XSS vulnerability

Vulnerable URL: http://cogindo.co.id/v3/home.php?lang=prompt'OPENBUGBOUNTY'...

apexgulf.ae XSS vulnerability

Vulnerable URL: http://www.apexgulf.ae/home.php?lang=fr"...

doitung.org XSS vulnerability

Vulnerable URL: http://www.doitung.org/home.php?gg=1%22--%3E%3Csvg/onload=;prompt/OPENBUGBOUNTY/;%3Eht Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3375914 VIP website status:| N...

Opial 1.0 - Arbitrary File Upload/XSS/SQL Injection Vulnerabilities

No description provided by source. ::::::::::::::::::::R3AL.RU:::::::::::::::::::: Opial 1.0 Arbitrary File Upload & XSS & SQL Injection genresparent Author: LMaster Greetz: r3al.ru Official Site with demo: http://www.opial.com --Arbitrary File Upload-- 1. Go to http://www.site.com/register.php 2...