16 matches found
EUVD-2021-25256
Malware in sbrugna...
CVE-2021-38819
A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page...
InstantCMS 跨站脚本漏洞
InstantCMS is a free and open source CMS. A cross-site scripting vulnerability exists in InstantCMS before version 2.16.3, which stems from the lack of effective filtering and escaping of user-supplied data in the photo upload function of the album page, and can be exploited by an attacker to...
Sql injection
A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page...
CVE-2021-38819
A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page...
Simple Image Gallery Web App SQL注入漏洞
Simple Image Gallery Web App is a web-based application that can be managed by multiple users. Users can store their images in this web application. A SQL injection vulnerability exists in Simple Image Gallery Web App version 1.0, which originates from an SQL injection via the id parameter on the...
CVE-2021-38819
A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page...
Pornhub: Stored XSS in galleries - https://www.redtube.com/gallery/[id] path
Researcher successfully closed the image 'alt' attribute and injected javascript by intercepting the album creation request and submitting an XSS payload as the album title. This led to stored cross-site scripting on the user's album page, executed against any users who visited the album. Stored...
maagalim.com XSS vulnerability
Vulnerable URL: http://www.maagalim.com/site/detail/departAlbum/albumPic.asp?departid=98658id=48241="--!"=1=1===0=IFwinEditGadget482418003=0====1=1= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 02.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
westwoodshorespoa.com XSS vulnerability
Vulnerable URL: http://www.westwoodshorespoa.com/album.asp?albumid=4name=%22%3E%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.09.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
snbm.org XSS vulnerability
Vulnerable URL: http://www.snbm.org/album/fileview.php?album=2009proletnaprikazka"=dsc02431.jpg Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
Pornhub: Cross Site Scripting – Album Page
The researcher identified that multiple albums were vulnerable to reflected cross site scripting from the URL, a few examples and proofs of concept are shown explained with relevant get requests and responses plus screenshots. The malicious link is shown below: http://www.pornhub.com/albums?...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Yogurt Social Network module 3.2 rc1 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the uid parameter to 1 friends.php, 2 seutubo.php, 3 album.php, 4 scrapbook.php, 5 index.php, or 6 tribes.php; or 7 the...
Unfixed XSS vulnerability at www.moes-feilbingert.de
Security researcher IHZTEAM, has submitted on 06/10/2008 a cross-site-scripting XSS vulnerability affecting www.moes-feilbingert.de, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 22/08/2009. It is...
Unfixed XSS vulnerability at www.yoyonappy.com
Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting www.yoyonappy.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/09/2008. It is currently...
Unfixed XSS vulnerability at www.konyaspor.org.tr
Security researcher b3r4t, has submitted on 01/09/2008 a cross-site-scripting XSS vulnerability affecting www.konyaspor.org.tr, which at the time of submission ranked 351599 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/09/2008. It is...