168 matches found
Website Broker Script 3.02 - view Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Website Broker Script v3.02 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/website-broker-script/ Demo:...
CVE-2016-0769
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow 1 remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the 2 view, 3 mark, or 4 change parameter...
CVE-2013-1770
Cross-site scripting XSS vulnerability in viewsview.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the viewname parameter...
XSS in the view parameter of several actions
The following XSS issues were detected by a customer. /changelog?max=30&view=cru%22;alert4015891;//%22&@asv=cru /project/CR?max=30&projectKey=CR&view=all";alert3166631;//"&@asv=all /user/c30626?max=30&name=c30626&view=all";alert1287220;//"&@asv=all...
XSS in the view parameter of several actions
The following XSS issues were detected by a customer. /changelog?max=30&view=cru%22;alert4015891;//%22&@asv=cru /project/CR?max=30&projectKey=CR&view=all";alert3166631;//"&@asv=all /user/c30626?max=30&name=c30626&view=all";alert1287220;//"&@asv=all...
DEBIAN-CVE-2013-0332
Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. dot dot in the 1 view, 2 request, or 3 action parameter...
CVE-2012-1213
Cross-site scripting XSS vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite ZCS 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite ZCS 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter...
Joomla CSVUploader SQL Injection
Joomla Component comcsvuploader SQL Injection Vulnerability Author : pks Greetz : p0fk - ksha - SeC - seth - xin0 - xacks - Yoya all gay´s... Spam 2 : www.mitm.cl - pks-pkz.blogspot.com Name : Joomla comcsvuploader Type : SQL injection ++ Example:...
Joomla Component com_aist SQL Injection Vulnerability
This host is running Joomla! and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomaistsqlinjvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Joomla Component 'comaist' SQL Injection Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH...
WWWThreads 5.0.8 Pro Cross Site Scripting
www.eVuln.com advisory: Non-persistent XSS in WWWThreads perl version Summary: http://evuln.com/vulns/157/summary.html Details: http://evuln.com/vulns/157/description.html -----------Summary----------- eVuln ID: EV0157 Software: n/a Vendor: WWWThreads Version: v5.0.8 Pro perl version Critical...
Directory traversal
Directory traversal vulnerability in getfile.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3618
Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-3618
Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-3618
Removed by vendor...
CVE-2009-2780
Multiple cross-site scripting XSS vulnerabilities in 68 Classifieds 4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to category.php, view parameter to 2 login.php and 3 viewlisting.php, page parameter to 4 searchresults.php and 5 toplistings.php, and 6...
Cross site scripting
Cross-site scripting XSS vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter...
Sql injection
Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 aka Uploader PRO, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a img.php, b file.php, c mail.php, d thumb.php, e zip.php, and f zipit.php, and 2 the view parameter t...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the VIEW parameter...
CVE-2008-1757
Cross-site scripting XSS vulnerability in index.php in the ConcoursPhoto module for KwsPHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the VIEW parameter...