28 matches found
CVE-2025-13275
A security vulnerability has been detected in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This affects an unknown part of the file /admin/about.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has be...
PHP Business Website 代码问题漏洞
PHP Business Website is a PHP business website by the individual developer Iqbolshoh Ilhomjonov. PHP Business Website suffers from a code issue vulnerability that stems from incorrect manipulation of the file /admin/about.php, which could lead to unlimited uploads...
EUVD-2019-10775
Malware in sbrugna...
CVE-2024-41376
dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php...
AVideo cross-site scripting vulnerability in the view/about.php page
The PHP file view/about.php is vulnerable to an XSS issue due to no sanitization of the user agent. At line 53, the website gets the user-agent from the headers through $SERVER'HTTPUSERAGENT' and echo it without any sanitization. In PHP, echo a user generated statement, here the User-Agent Header...
Duplicate Advisory: AVideo cross-site scripting vulnerability in the view/about.php page
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-f98p-2hc5-fm7v. This link is maintained to preserve external references. Original Description WWBN AVideo 12.4 is vulnerable to Cross Site Scripting XSS...
Sql injection
A vulnerability, which was classified as critical, was found in SialWeb CMS. This affects an unknown part of the file /about.php. The manipulation of the argument Id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...
CVE-2020-36543 SialWeb CMS about.php sql injection
A vulnerability, which was classified as critical, was found in SialWeb CMS. This affects an unknown part of the file /about.php. The manipulation of the argument Id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...
CVE-2019-20221
In Support Incident Tracker SiT! 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page...
Cross site scripting
In Support Incident Tracker SiT! 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page...
CVE-2019-20221
CVE-2019-20221 affects Support Incident Tracker (SiT!) version 3.67. The vulnerability is a Cross-Site Scripting (XSS) in the “Load Plugins” input on the config.php page, with the payload potentially executed on pages such as about.php. Multiple sources corroborate the issue across CVE records an...
CVE-2019-20221
In Support Incident Tracker SiT! 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page...
Design/Logic Flaw
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...
CVE-2018-11487
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...
CVE-2018-11487
CVE-2018-11487 affects PHPMyWind 5.5 with reflected Cross-Site Scripting (XSS) via the cid parameter to newsshow.php or via a query string to news.php or about.php. The vulnerability allows an attacker to inject and execute script in a victim’s browser when the affected pages are loaded. Root cau...
CVE-2018-11487
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...
radimpex.rs XSS vulnerability
Open Bug Bounty ID: OBB-556943 Description| Value ---|--- Affected Website:| radimpex.rs Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
nanchinakasuji.com XSS vulnerability
Open Bug Bounty ID: OBB-472637 Description| Value ---|--- Affected Website:| nanchinakasuji.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
intrails.ch XSS vulnerability
Open Bug Bounty ID: OBB-472595 Description| Value ---|--- Affected Website:| intrails.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
zzcms最新版admin\about.php SQL injection
No description provided by source...