EUVD-2018-10938

Malware in sbrugna...

CVE-2018-19229

An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/art.php?typeid=1 biaoti parameter...

CVE-2018-19229

An issue was discovered in LAOBANCMS 2.0. It allows XSS via the admin/art.php?typeid=1 biaoti parameter...

CVE-2018-19229

LAOBANCMS 2.0 is affected by an XSS vulnerability in the admin/art.php?typeid=1 biaoti parameter. Multiple connected sources (NVD/NVD-derived CVE, Red Hat, CNVD, CVE listings) corroborate that the issue arises from unsanitized input in the biaoti parameter leading to cross-site scripting. The exa...

aacz.czestochowa.pl XSS vulnerability

Vulnerable URL: http://www.aacz.czestochowa.pl/art.php?id=1477330253,1477330290="';-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 08.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| N...

Cross-site scripting vulnerability in Axublog art.php

Axublog is a PHP personal blog system. A cross-site scripting vulnerability exists in Axublog art.php due to the system failing to filter incoming parameters. An attacker can exploit this vulnerability to plant cross-site code and obtain sensitive information such as administrator cookies...

苹果CMS继续绕过现有全局安全防护措施进行SQL注入，第三发

简要描述： 下一次该告一段落，打包了，主要是希望开发意识到为什么你们的be和360safe3.php没有起到作用 详细说明： 不再具体分析，看第一和第二发， 看下触发页面，inc/module/art.php 第90行： elseif$method=='search' $tpl-P"siteaid" = 25; $wd = be"all", "wd"; if!empty$wd $tpl-P"wd" = $wd; if isN$tpl-P"wd" && isN$tpl-P"ids" && isN$tpl-P"pinyin" && isN$tpl-P"letter" &&...