Lucene search
K

482 matches found

Packet Storm
Packet Storm
added 2012/04/04 12:0 a.m.52 views

e-ticketing SQL Injection

'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TESTED VERSION...

7.5CVSS0.02224EPSS
Exploits6
0day.today
0day.today
added 2012/04/04 12:0 a.m.23 views

e-ticketing SQL Injection (CVE-2012-1673)

Exploit for php platform in category web applications 'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST...

7.1AI score0.02224EPSS
Exploits6
exploitpack
exploitpack
added 2012/04/04 12:0 a.m.56 views

e-ticketing - SQL Injection

e-ticketing - SQL Injection 'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TEST...

7.5CVSS0.02224EPSS
Exploits6
securityvulns
securityvulns
added 2012/02/13 12:0 a.m.92 views

Mibew messenger multiple XSS

Advisory ID: CSA-12001 Title: Mibew messenger multiple XSS Product: mibew messenger Version: 1.6.4 and probably prior Vendor: mibew.org Vulnerability type: XSS Vendor notification: 2012-01-07 Public disclosure: 2012-01-24 Mibew messenger version 1.6.4 an probably below is vulnerable to multiple X...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/08/05 12:0 a.m.9 views

Digital Scribe Multiple Cross Site Scripting Vulnerabilities

Digital Scribe is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7AI score
Exploits0References4
Packet Storm
Packet Storm
added 2011/07/31 12:0 a.m.21 views

Digital Scribe 1.5 Cross Site Scripting

25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INPUT TYPE=TEXT NAME=e...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/07/31 12:0 a.m.18 views

Digital Scribe 1.5 - register_form() Multiple POST Cross-Site Scripting Vulnerabilities

Digital Scribe 1.5 - registerform Multiple POST Cross-Site Scripting Vulnerabilities 25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INP...

7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2011/02/16 12:0 a.m.26 views

Cisco Security Agent Management st_upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Security Agent Management Console. Authentication is not required to exploit this vulnerability. The flaw exists within the webagent.exe component which is handed requests by an Apache instan...

10CVSS5AI score0.19617EPSS
Exploits9References1
exploitpack
exploitpack
added 2011/02/12 12:0 a.m.30 views

PixelPost 1.7.3 - Multiple POST SQL Injections

PixelPost 1.7.3 - Multiple POST SQL Injections -------------------------------------------------------------------- Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability Vendor: Pixelpost.org Product web page: http://www.pixelpost.org Affected version: 1.7.3 Summary: Pixelpost is an...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/02/12 12:0 a.m.33 views

TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities

TaskFreak! v0.6.4 Multiple Cross-Site Scripting Vulnerabilities Vendor: Stan Ozier Product web page: http://www.taskfreak.com Affected version: 0.6.4 multi-user Summary: TaskFreak! Original is a simple but efficient web based task manager written in PHP. Desc: TaskFreak! suffers from multiple XSS...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/02/11 12:0 a.m.20 views

Pixelpost 1.7.3 SQL Injection

-------------------------------------------------------------------- Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability Vendor: Pixelpost.org Product web page: http://www.pixelpost.org Affected version: 1.7.3 Summary: Pixelpost is an open-source, standards-compliant, multi-lingua...

Exploits0
exploitpack
exploitpack
added 2010/11/10 12:0 a.m.9 views

eBlog 1.7 - Multiple SQL Injections

eBlog 1.7 - Multiple SQL Injections eBlog 1.7 Multiple SQL Injection Vulnerabilities Name eBlog Vendor https://emuci.com Versions Affected 1.7 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-11-10 X. INDEX I. ABOUT T...

Exploits0
phpMyAdmin
phpMyAdmin
added 2010/08/20 12:0 a.m.47 views

Several XSS vulnerabilities were found in the code.

PMASA-2010-5 Announcement-ID: PMASA-2010-5 Date: 2010-08-20 Summary Several XSS vulnerabilities were found in the code. Description It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. Severity We consider this vulnerability to be serious. Mitigation...

4.3CVSS5.8AI score0.0268EPSS
Exploits1Affected Software1
FreeBSD
FreeBSD
added 2010/08/09 12:0 a.m.27 views

phpmyadmin -- Several XSS vulnerabilities

phpMyAdmin Team reports: It was possible to conduct a XSS attack using crafted URLs org POST parameters on several pages...

4.3CVSS5.9AI score0.0268EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2009/06/04 12:0 a.m.38 views

Blue Collar Productions iGallery 4.1 Plus File Download

Vendor Notified: 05/25/2009 Vulnerability Details: ------------------------------------------- Blue Collar Productions iGallery 4.1 Plus http://www.b-cp.com/igallery/default.asp is a commercial photo gallery script written in Classic ASP. There exists also a free version named iGallery 3.4. The...

Exploits0
Exploit DB
Exploit DB
added 2008/06/02 12:0 a.m.16 views

OtomiGenX 2.2 - 'userAccount' SQL Injection

source: https://www.securityfocus.com/bid/29470/info OtomiGenX is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

7AI score
Exploits0
securityvulns
securityvulns
added 2007/07/25 12:0 a.m.63 views

Mitridat Form Processor Pro XSS

Greetings, I have discovered cross-site scripting vulnerability in Mitridat's Form Processor Pro. http://www.mitridat.com/ http://www.mitridat.com/products-form-processor-pro.html Form Mail: Email Form Processor Pro™ - process all forms on your website Form Mail: Email Form Processor Pro is the...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/07/07 12:0 a.m.38 views

olms-xss.txt

BACKGROUND ========== "Oliver is the web-based Library Management System for Schools. Softlink has built on the understanding of thousands of school clients, over many years, and has designed a new system for school libraries and learning resource centres in the 21st century" -- from...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/04 12:0 a.m.88 views

Cross Site Scripting in Oliver Library Management System

BACKGROUND ========== "Oliver is the web-based Library Management System for Schools. Softlink has built on the understanding of thousands of school clients, over many years, and has designed a new system for school libraries and learning resource centres in the 21st century" -- from...

7.2AI score
Exploits0
NVD
NVD
added 2007/02/16 1:28 a.m.13 views

CVE-2007-0969

Multiple cross-site scripting XSS vulnerabilities in WebTester 5.0.20060927 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to POST parameters to multiple files...

6.8CVSS5.8AI score0.01564EPSS
Exploits1References7
Rows per page
Query Builder