CVE-2017-14536

trixbox 2.8.0.4 has XSS via the PATHINFO to /maint/index.php or /user/includes/language/langChooser.php...

CVE-2017-14536

CVE-2017-14536 affects the trixbox 2.8.0.4 release and is a cross-site scripting (XSS) vulnerability triggered via PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php. The available data describe the vulnerability as an XSS flaw without details on exploitation steps, affected...

CVE-2017-14536

trixbox 2.8.0.4 has XSS via the PATHINFO to /maint/index.php or /user/includes/language/langChooser.php...

Joomla! Component Google Map Landkarten 4.2.3 - SQL Injection

Exploit Title: Joomla! Component Google Map Landkarten = 4.2.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.joomla-24.de/ Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/ Software Download:...

Joomla! Component Fastball 2.5 - season SQL Injection

Joomla! Component Fastball 2.5 - season SQL Injection Exploit Title: Joomla! Component Fastball 2.5 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.fastballproductions.com/ Software Link: http://www.fastballproductions.com/ Version: 2.5 Category: Webapps Tested on:...

royalprincehoteldubai.com XSS vulnerability

Open Bug Bounty ID: OBB-555595 Description| Value ---|--- Affected Website:| royalprincehoteldubai.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2015-3618

Nagios Business Process Intelligence (BPI) is affected by a Cross-site scripting (XSS) vulnerability in which an attacker can inject arbitrary web script or HTML via index.php. The issue affects BPI releases prior to 2.3.4. Root cause is an XSS flaw in the web interface, leading to potential impa...

CVE-2015-3618

Cross-site scripting XSS vulnerability in Nagios Business Process Intelligence BPI before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via vectors involving index.php...

Design/Logic Flaw

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...

CVE-2018-6550

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...

CVE-2018-6550

Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php...

TSiteBuilder 1.0 - SQL Injection

Exploit Title: TSiteBuilder 1.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://www.datacomponents.net/ Software Link: http://www.datacomponents.net/products/website/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan Sencan Author Web...

Sql injection

SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobilepreview.php or index.php...

CVE-2018-5988

CVE-2018-5988 affects Flexible Poll 1.2. The vulnerability is a SQL Injection in the id parameter of mobile_preview.php and index.php, caused by unsafely handling user-supplied input. Impact per sources: remote attacker can inject SQL commands, with potential data exposure/integrity effects as de...

Design/Logic Flaw

CentOS-WebPanel.com aka CWP CentOS Web Panel through v0.9.8.12 has XSS via the module value of the index.php file...

CVE-2018-5961

CentOS-WebPanel.com aka CWP CentOS Web Panel through v0.9.8.12 has XSS via the module value of the index.php file...

CVE-2018-5961

CentOS-WebPanel.com aka CWP CentOS Web Panel through v0.9.8.12 has XSS via the module value of the index.php file...

CVE-2018-5961

CVE-2018-5961 affects CentOS Web Panel up to v0.9.8.12, where an XSS vulnerability exists via the module parameter in the index.php file. The issue is described as a Cross-Site Scripting vulnerability (non-persistent) that can lead to script execution in a victim’s browser. Public details across ...

PT-2018-17249 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel versions through v0.9.8.12 Description: The issue concerns an XSS vulnerability via the module value of the "index.php" file. Recommendations: For versions through v0.9.8.12, as a temporary workaround, consider restricting...

CentOS Web Panel 0.9.8.12 - Multiple Vulnerabilities

Document Title: =============== CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1836 Release Date: ============= 2018-01-19 Vulnerability Laboratory ID VL-ID:...