CVE-2018-6861

Cross Site Scripting XSS exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter...

CVE-2018-6864

Cross Site Scripting XSS exists in PHP Scripts Mall Multi religion Responsive Matrimonial 4.7.2 via a user profile update parameter...

CVE-2018-6861

Cross Site Scripting XSS exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter...

AlegroCart SQL Injection Vulnerability

AlegroCart is an open source online business solution from the Canadian ALEGROCART team. A SQL injection vulnerability exists in AlegroCart version 1.2.8. Remote attackers can use a variety of methods to exploit the vulnerability to execute arbitrary SQL commands. The methods include:...

Auto CMS 1.8 - Remote Code Execution

Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/ / errorreporting0; settimelimit0; function openfsock $host, $pack if !$fp = fsockopen$host, 80 die"\nNo response\n"; else fputs$fp, $pack; while !feof$fp $ret .= fgets$fp, 1024; fclose$fp; return $ret...

OpenForum 'profile.php' Authentication Bypass Vulnerability

This host is installed with OpenForum and is prone to Authentication Bypass vulnerability. OpenVAS Vulnerability Test $Id: secpodopenforumauthbypassvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ OpenForum 'profile.php' Authentication Bypass Vulnerability Authors: Nikita MR Copyright: Copyright c 20...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in InstantASP 4.1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 SessionID parameter to a Logon.aspx, and the 2 Username and 3 Update parameters to b Members1.aspx...