22 matches found
CVE-2024-44663
PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the product parameter in search-result.php...
PHPGurukul Online Discussion Forum SQL注入漏洞
Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Search in the file /admin/adminforum/searchresult.php. An attacker can exploit this...
PHPGurukul Restaurant Table Booking System 注入漏洞
Restaurant Table Booking System is a restaurant table reservation system. Restaurant Table Booking System suffers from a SQL injection vulnerability that stems from incorrect manipulation of the searchdata parameter in the /search-result.php file that can lead to SQL injection. No details of the...
PHPGurukul Online Shopping Portal 注入漏洞
Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter Product of the file /search-result.php. An attacker can exploit this vulnerability to...
CVE-2024-48284
A Reflected Cross-Site Scripting XSS vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary scripts via the searchkey parameter in a POST HTTP request...
PT-2024-33070 · Unknown · Phpgurukul User Registration & Login/User Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul User Registration & Login and User Management System version 3.2 Description: A Reflected Cross-Site Scripting XSS issue was discovered in the "/search-result.php" page, allowing remote attackers to execute arbitrary scripts via th...
PT-2022-23622 · Algosec · Algosec Fireflow
Name of the Vulnerable Software and Affected Versions: AlgoSec FireFlow affected versions not specified Description: The issue involves a Reflected Cross-Site-Scripting RXSS attack. A malicious user can inject JavaScript code into the IntersectudRule parameter on the "search/result.html" page. By...
CVE-2022-29004
Diary Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Name parameter in search-result.php...
CVE-2022-29004
Diary Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Name parameter in search-result.php...
mooretracks.com XSS vulnerability
Open Bug Bounty ID: OBB-674307 Description| Value ---|--- Affected Website:| mooretracks.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
datakasse.mystore.no XSS vulnerability
Open Bug Bounty ID: OBB-665967 Description| Value ---|--- Affected Website:| datakasse.mystore.no Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
woodman.com.tw XSS vulnerability
Open Bug Bounty ID: OBB-547837 Description| Value ---|--- Affected Website:| woodman.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
wintone.com.cn XSS vulnerability
Open Bug Bounty ID: OBB-444532 Description| Value ---|--- Affected Website:| wintone.com.cn Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
creps-montpellier.org XSS vulnerability
Vulnerable URL: https://www.creps-montpellier.org/search-result?s=+%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E\n Details: Description| Value ---|--- Patched:| No Latest check for patch:| 14.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4423718 VIP...
infrasofttech.com XSS vulnerability
Vulnerable URL: http://www.infrasofttech.com/search-result?txt="" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 08.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 570052 VIP website status:| No Coordinated Disclosure Timeline:...
frequence-sud.fr XSS vulnerability
Vulnerable URL: https://www.frequence-sud.fr/recherche/resultat.php?recherche="'/alert/openbugbounty/...
baumit.at XSS vulnerability
Vulnerable URL: http://www.baumit.at/suchergebnisse.html?searchterm=%22%3Eblub%3Csvg%2Fonload%3Dalert%28%2FOPENBUGBOUNTY%2F%29%3E= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
Cross site scripting
An XSS vulnerability in the MantisBT Source Integration Plugin before 2.0.2 search result page allows an attacker to inject arbitrary HTML or JavaScript if MantisBT's CSP settings permit it by crafting any valid parameter...
CVE-2017-6958
An XSS vulnerability in the MantisBT Source Integration Plugin before 2.0.2 search result page allows an attacker to inject arbitrary HTML or JavaScript if MantisBT's CSP settings permit it by crafting any valid parameter...
ijofo.org XSS vulnerability
Vulnerable URL: http://www.ijofo.org/searchresult.asp?I1.x=0&I1.y;=0=openbug Details: Description| Value ---|--- Patched:| Yes, at 29.07.2016 Latest check for patch:| 29.07.2016 02:39 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...