Sql injection

Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter...

Sql injection

Event Search Script 1.0 has SQL Injection via the /event-list city parameter...

Sql injection

Doctor Search Script 1.0 has SQL Injection via the /list city parameter...

CVE-2017-17606

CVE-2017-17606 affects the PHP Scripts Mall Co-work Space Search Script 1.0, with a SQL injection vulnerability in the /list endpoint via the city parameter. The root cause is unsanitized input allowing arbitrary SQL execution, leading to potential data disclosure/ modification. In the connected ...

CVE-2017-17620

CVE-2017-17620 affects Lawyer Search Script 1.1 (PHP Scripts Mall India). The vulnerability is a SQL Injection in the /lawyer-list endpoint via the city parameter, caused by improper input handling in the script. Public references indicate a remote attacker could inject SQL commands through city,...

CVE-2017-17616

CVE-2017-17616 affects PHP Scripts Mall Event Search Script 1.0. A SQL injection exists in the /event-list endpoint via the city parameter, enabling a remote attacker to inject SQL commands. The CNVD entry confirms the vulnerability and the affected script version; exploitation details are provid...

CVE-2017-17611

Doctor Search Script 1.0 has SQL Injection via the /list city parameter...

CVE-2017-17620

Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter...

CVE-2017-17616

Event Search Script 1.0 has SQL Injection via the /event-list city parameter...

CVE-2017-17611

The CVE-2017-17611 entry concerns Doctor Search Script 1.0 (PHP Scripts Mall India). A SQL injection vulnerability exists in the /list endpoint via the city parameter, caused by unsanitized input used in SQL queries. Affected component: Doctor Search Script 1.0; vendor: PHP Scripts Mall (India); ...

Lawyer Search Script 1.1 - lawyer-list?city SQL Injection

Lawyer Search Script 1.1 - lawyer-list?city SQL Injection Exploit Title: Lawyer Search Script 1.1 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/lawyer-script/ Version: 1.1 Category: Webapps Tested...

Lawyer Search Script 1.1 SQL Injection

Exploit Title: Lawyer Search Script 1.1 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/lawyer-script/ Version: 1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan...

Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection

Exploit Title: Lawyer Search Script 1.1 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/lawyer-script/ Version: 1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan...

Co-work Space Search Script 1.0 SQL Injection

Exploit Title: Co-work Space Search Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/co-work-space-search-script/ Demo: http://ordermanagementscript.com/demo/co-work-space/ Version: 1.0...

yarmulkes.com XSS vulnerability

Open Bug Bounty ID: OBB-451467 Description| Value ---|--- Affected Website:| yarmulkes.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Co-work Space Search Script 1.0 - city SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Co-work Space Search Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/co-work-space-search-script/ Demo:...

Co-work Space Search Script 1.0 - city SQL Injection

Co-work Space Search Script 1.0 - city SQL Injection Exploit Title: Co-work Space Search Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/co-work-space-search-script/ Demo:...

Web Reference Database SQL Injection Vulnerability (CNVD-2015-06458)

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. The Web Reference Database rss.php script fails to adequately filter the 'where' parameter and the search.php script fails to adequately filter...

Synkron.Web 3.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7833/info Synkron.web is prone to HTML injection attacks. The vulnerability exists in the search script and is a result of insufficient sanitization of malicious HTML code from user-supplied input. HTML and script code ma...

Vacation Rental Script 3.0 CSRF / XSS / File Disclosure

Vacation Rental Script V3.0 - Multiple Vulnerabilties ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.phpjabbers.com/vacation-rental-script/ .:. Tested On Demo :...