EUVD-2008-1430

Malware in sbrugna...

nwpropertymanagement.net XSS vulnerability

Vulnerable URL: http://www.nwpropertymanagement.net/moonlakevillagefourstory/album.asp?albumid=1name=%22%3E%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.09.2017 Vulnerability type:| XSS Vulnerability status:|...

alliantproperty.com XSS vulnerability

Open Bug Bounty ID: OBB-250196 Description| Value ---|--- Affected Website:| alliantproperty.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

KAPhotoservice 7.5 album.asp cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18379/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...

CVE-2008-6977

Cross-site scripting XSS vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a summary action...

CVE-2008-6978

Unrestricted file upload vulnerability in Full Revolution aspWebAlbum 3.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in pics/, related to the uploadmedia action in album.asp...

Cross site scripting

Cross-site scripting XSS vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a summary action...

CVE-2008-6978

Unrestricted file upload vulnerability in Full Revolution aspWebAlbum 3.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in pics/, related to the uploadmedia action in album.asp...

Sql injection

SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter...

CVE-2008-1426

Affected software: KAPhotoservice (album.asp). Vulnerable component: the albumid parameter in album.asp allows SQL injection due to unsafe SQL construction, enabling remote arbitrary SQL execution. Impact details from CVSS indicate partial impact on confidentiality, integrity, and availability wi...

CVE-2008-1426

SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter...

KAPhotoservice - album.asp SQL Injection

KAPhotoservice - album.asp SQL Injection --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ KAPhotoservice album.asp Remote SQL Injection Exploit +==-- --==+====================================================================================+==-- +...

KAPhotoservice (album.asp) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================= KAPhotoservice album.asp Remote SQL Injection Exploit ======================================================= + JosS + Spanish Hackers Team + Sys - Project + Info: Software:...

Unfixed XSS vulnerability at www.beerwalk.co.uk

Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting www.beerwalk.co.uk, which at the time of submission ranked 14698143 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/09/2008. It is...

Unfixed XSS vulnerability at mrsedelman.com

Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting mrsedelman.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/09/2008. It is currently...

Unfixed XSS vulnerability at www.malone.info

Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting www.malone.info, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/09/2008. It is currently...

Unfixed XSS vulnerability at rodriguezfraile.com

Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting rodriguezfraile.com, which at the time of submission ranked 14661039 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/09/2008. It is...

Unfixed XSS vulnerability at www.robinsnestgolf.com

Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting www.robinsnestgolf.com, which at the time of submission ranked 13616641 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/09/2008. It is...

Unfixed XSS vulnerability at edelmanweb.net

Security researcher SaMTHG, has submitted on 03/09/2008 a cross-site-scripting XSS vulnerability affecting edelmanweb.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/09/2008. It is currently...

CVE-2006-2955

Multiple cross-site scripting XSS vulnerabilities in KAPhotoservice 7.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 New Category newcategory or 2 apage parameter to a edtalbum.asp, or the 3 cat or 4 albumid parameter to b album.asp...