105 matches found
Cross site scripting
An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the userid parameter to signup.php...
CVE-2014-9918
An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the userid parameter to signup.php...
CVE-2014-9918
The connected documents confirm a Stored XSS vulnerability in Bilboplanet 2.0 affecting the signup.php endpoint via the user_id parameter. Root cause and technical details are not expanded beyond this description in the provided sources; no explicit exploit code or affected versions are listed. P...
CVE-2014-9919
CVE-2014-9919 affects Bilboplanet 2.0 with a Stored XSS in the signup.php fullname parameter. The NVD entry lists a CVSS‑v3 base score of 6.1 (MEDIUM): AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, i.e., network attack, no availability impact, but partial confidentiality/integrity impact with user interac...
CVE-2014-9919
An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php...
freetorrent.fr XSS vulnerability
Open Bug Bounty ID: OBB-658393 Description| Value ---|--- Affected Website:| freetorrent.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
petmemorialcenter.ca XSS vulnerability
Open Bug Bounty ID: OBB-582011 Description| Value ---|--- Affected Website:| petmemorialcenter.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
nlccgasms.ca XSS vulnerability
Open Bug Bounty ID: OBB-581995 Description| Value ---|--- Affected Website:| nlccgasms.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
filesell.ir XSS vulnerability
Open Bug Bounty ID: OBB-573608 Description| Value ---|--- Affected Website:| filesell.ir Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-18194
HamayeshNegar CMS is affected in its signup component (users/signup.php). The vulnerability is a SQL injection caused by the utype parameter, allowing a remote attacker to execute arbitrary SQL commands. The exploitation details are not provided in the documents; no patch or remediation steps are...
barrieexeclimo.com XSS vulnerability
Open Bug Bounty ID: OBB-456513 Description| Value ---|--- Affected Website:| barrieexeclimo.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
CVE-2017-7410
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 username, 2 displayname parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 tribename or 2 tags parameter in a tribes page request to user/ or the 3 userid or 4 fullname parameter to signup.php...
planet-libre.org XSS vulnerability
Vulnerable URL: http://www.planet-libre.org/signup.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 587870 VIP website status:| No Check planet-libre.org SSL connection:| Grade: ...
pce2016.ir XSS vulnerability
Vulnerable URL: http://www.pce2016.ir/users/signup.php?utype=admin" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 5287830 VIP website status:| No Check pce2016.ir SSL connection:|...
onlinemufti.com XSS vulnerability
Vulnerable URL: http://www.onlinemufti.com/signup.php?q=Basica75iy%22%3E%3Cscript%3Ealert/OPENBUGBOUNTY/%3C/script%3Etar6b Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown /...
imagefap.com XSS vulnerability
Vulnerable URL: http://www.imagefap.com/signup.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1697 Google Pagerank| 4 VIP website status:| Yes Check imagefap.com SSL connection...
CVE-2015-6827
Cross-site request forgery CSRF vulnerability in Auto-Exchanger 5.1.0 allows remote attackers to hijack the authentication of users for requests that change a password via a request to signup.php...
ClipBucket CMS Xss Vulnerability
Xss Vulnerability In ClipBucket CMS @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@@@@@@@@@ @@@ @ @@@@@@@@@@ @@@ @@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@ @@@ @@@ @@@ @@ @@@ @...
OrbitHYIP 2.0 signup.php referral Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17766/info OrbitHYIP is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...