Joomla! Component OS Services Booking 2.5.1 - SQL Injection

Joomla! Component OS Services Booking 2.5.1 - SQL Injection Exploit Title: Joomla! Component OS Services Booking v2.5.1 - SQL Injection Google Dork: inurl:index.php?option=comosservicesbooking Date: 18.02.2017 Vendor Homepage: https://www.joomdonation.com/ Software Buy:...

Joomla Team Display 1.2.1 SQL Injection

Exploit Title: Joomla! Component Team Display v1.2.1 - SQL Injection Google Dork: inurl:index.php?option=comteamdisplay Date: 17.02.2017 Vendor Homepage: http://addonstreet.com/ Software Buy: https://extensions.joomla.org/extensions/extension/vertical-markets/thematic-directory/team-display/ Demo...

Joomla Spider FAQ Lite 1.3.1 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component Spider FAQ Lite v1.3.1 - SQL Injection Google Dork: inurl:index.php?option=comspiderfaq Date: 16.02.2017 Vendor Homepage: http://web-dorado.com/ Software Buy:...

Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection

Exploit Title: Joomla! Component Spider Calendar Lite v3.2.16 - SQL Injection Google Dork: inurl:index.php?option=comspidercalendar Date: 16.02.2017 Vendor Homepage: http://web-dorado.com/ Software Buy:...

Joomla JE Messanger SQL Injection

Exploit Title: Joomla! Component JE Messanger - SQL Injection Google Dork: inurl:index.php?option=comjemessenger Date: 13.02.2017 Vendor Homepage: http://www.joomlaextension.biz/ Software Buy: http://www.joomlaextension.biz/demo/index.php?option=comjemessenger Demo:...

CVE-2014-9760

Cross-site scripting XSS vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username...

CVE-2014-9760

GOsa contains a cross-site scripting (XSS) vulnerability in the displayLogin function (html/index.php). The vulnerability allows remote attackers to inject arbitrary web script or HTML via the username parameter. The available documents do not specify affected versions, root cause beyond the inpu...

CVE-2014-9760

Cross-site scripting XSS vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username...

Joomla! Component JE Directory 1.7 - 'ditemid' SQL Injection

Exploit Title: Joomla! Component JE Directory Ads 1.7 - SQL Injection Google Dork: inurl:index.php?option=comjedirectory Date: 13.02.2017 Vendor Homepage: http://www.joomlaextension.biz/ Software Buy:...

Examplo Online Exam System SQL Injection

Exploit Title: Examplo - Online Exam System - SQL Injection Google Dork: N/A Date: 09.02.2017 Vendor Homepage: http://softpae.sk/ Software Buy: https://codecanyon.net/item/examplo-online-exam-system/16174658 Demo: http://munka.softpae.sk/examplo/ Version: N/A Tested on: Win7 x64, Kali Linux x64...

EXAMPLO - SQL Injection

EXAMPLO - SQL Injection Exploit Title: Examplo - Online Exam System - SQL Injection Google Dork: N/A Date: 09.02.2017 Vendor Homepage: http://softpae.sk/ Software Buy: https://codecanyon.net/item/examplo-online-exam-system/16174658 Demo: http://munka.softpae.sk/examplo/ Version: N/A Tested on: Wi...

karbenopenair.de XSS vulnerability

Vulnerable URL: http://www.karbenopenair.de/index.php?sub=ticketsprompt/OPENBUGBOUNTY/...

badiklat.sumutprov.go.id XSS vulnerability

Vulnerable URL: http://badiklat.sumutprov.go.id/index.php?id=berita=25'--...

traintime.uk XSS vulnerability

Vulnerable URL: http://www.traintime.uk/index.php?from=PSN'"--!confirmOPENBUGBOUNTY...

Malware exploit: Solar

SQL injection. localhost/index.php POSTDATA i=1881&p=80&u=8302&h=282&s=AUD...

CVE-2017-5347

SQL injection vulnerability in inc/mod/newsletter/options.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the recipient parameter to gxadmin/index.php...

bmstv.co.uk XSS vulnerability

Vulnerable URL: http://bmstv.co.uk/index.php?file=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check bmstv.co.uk SSL connection...

WordPress plugin wpcalendar suffers from a reflected cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A reflective cross-site scripting vulnerability exists in the WordPress plugin wpcalendar 'index.php' page, as the program fails to effectively filter user-submitte...

CVE-2016-10038

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove...

bikescale.com XSS vulnerability

Vulnerable URL: http://bikescale.com/index.php?d=artykul...