1084 matches found
cat-on.com XSS vulnerability
Open Bug Bounty ID: OBB-677695 | Affected Website: cat-on.com | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS (Cross Site Scripting) / CWE-79 | CVSSv3 Score: 6.1...
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes). Shellcode exploit for Linux/x86 platform...
Wutong Cat Mall mobile app has logic design flaws
Sycamore Cat Mall Mobile App is an online shopping mall software. There is a logic design vulnerability in Wutong Cat Mall Mobile APP. Attackers can register any account by grabbing packets to get the verification code...
cat-coiffeur.de XSS vulnerability
Open Bug Bounty ID: OBB-594237 | Affected Website: cat-coiffeur.de | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS (Cross Site Scripting) / CWE-79 | CVSSv3 Score: 6.1...
Piwigo cross-site scripting vulnerability (CNVD-2018-06555)
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options (categories, tags, time), and more. A cross-site scripting vulnerability exists in the admin panel in Piwigo version 2.9.3. A remote attacker can exploit th...
canal10.cat XSS vulnerability
Open Bug Bounty ID: OBB-574936 | Affected Website: canal10.cat | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS (Cross Site Scripting) / CWE-79 | CVSSv3 Score: 6.1...
web1.carparts-cat.com XSS vulnerability
Open Bug Bounty ID: OBB-573677 | Affected Website: web1.carparts-cat.com | Open Bug Bounty Program: Not created yet | Vulnerable Application: Custom Code | Vulnerability Type: XSS (Cross Site Scripting) / CWE-79 | CVSSv3 Score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)...
creamap.llull.cat XSS vulnerability
Open Bug Bounty ID: OBB-572252 | Affected Website: creamap.llull.cat | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS (Cross Site Scripting) / CWE-79 | CVSSv3 Score: 6.1...
compraeixample.cat XSS vulnerability
Open Bug Bounty ID: OBB-569865 | Affected Website: compraeixample.cat | Vulnerable Application: Custom Code | Vulnerability Type: XSS (Cross Site Scripting) / CWE-79 | CVSSv3 Score: 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) | Disclosure Standard: Coordinated Disclosure...
CVE-2018-6585
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filtercreator or filtereventscat parameter...
Command injection
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appears to be exploitable via Web reques...
Center for Internet Security CIS-CAT Pro Dashboard Privilege Gain Vulnerability
Center for Internet Security CIS-CAT Pro Dashboard is a set of panels used to display system compliance on a dashboard. An access control error vulnerability exists in versions of Center for Internet Security CIS-CAT Pro Dashboard prior to 1.0.4. An attacker can exploit this vulnerability to gain...
CVE-2017-8916
In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an authenticated user is able to change an administrative user's e-mail address and send a forgot password email to themselves, thereby gaining administrative access...
CVE-2017-8916
In CIS-CAT Pro Dashboard, prior to version 1.0.4, an authenticated user can change an administrator’s email address and trigger a password-recovery email to themselves, thereby gaining administrative access. This is described in CVE-2017-8916 and corroborated by CNVD/CNVD-2018-05227 and other sou...
Classified Ads CMS Quickad SQL Injection Vulnerability
Classified Ads CMS Quickad is a set of PHP based advertising website scripts. A SQL injection vulnerability exists in Classified Ads CMS Quickad version 4.0. A remote attacker can exploit this vulnerability by sending the 'keywords', 'placeid', 'cat', or 'subcat' parameters to the listing URI to...
Sql injection
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI...
CVE-2018-5972
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI...
Piwigo 2.9.1 - cat_true / cat_false SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: Piwigo = 2.9.1 - 'cat_true'/'cat_false' SQL Injection | Dork: N/A | Date: 12.12.2017 | Vendor Homepage: http://piwigo.org/ | Software Link: http://piwigo.org/basics/downloads | Version: = 2.9.1 | Category: Webapps | Tested on: WiN7x64/WIN10X64...
CVE-2017-17613
Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php prid parameter or the searchbycatlist.php catid parameter...
PHP CityPortal SQL Injection Vulnerability
PHP CityPortal is a corporate website building system developed by PhpCityPortal team in India. A SQL injection vulnerability exists in PHP CityPortal version 2.0. A remote attacker can exploit this vulnerability to inject SQL commands with the help of 'nid' or 'cat' parameter...