29 matches found
EUVD-2021-30597
Malicious code in bioql PyPI...
CVE-2025-48045
An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials...
CVE-2022-36639
A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...
Argument Injection
phpxmlrpc/phpxmlrpc is vulnerable to Argument Injection. The vulnerability exists in multiple functions of Client.php and Wrapper.php due to improper neutralization of argument delimiters which allows an attacker to access the local file or connect to undesired URLs instead of the intended target...
Argument Injection
phpxmlrpc/phpxmlrpc is vulnerable to argument injection. The vulnerability exists in multiple functions of Client.php and Wrapper.php due to improper neutralization of argument delimiters which allows an attacker to access local file in Client:send via manipulation of the $protocol argument...
Garage Management System client.php Cross-Site Scripting Vulnerability
Garage Management System Cms-Website is a garage management system that helps you manage all your vehicles, cars and motorcycles. A cross-site scripting vulnerability exists in Garage Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in th...
CVE-2021-43690
YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which has values from socket_read...
Cross site scripting
YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which has values from socket_read...
CVE-2021-43690
YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The root cause is the exit function terminating the script and printing a message that contains data read from a socket (socket_read). This can lead to reflected or stored XSS depending on how the messag...
WebVet 0.1a - id SQL Injection
WebVet 0.1a - id SQL Injection Exploit Title: WebVet 0.1a - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://webvet.exreality.net/ Software Link: https://netix.dl.sourceforge.net/project/webvet/webvet20130708.zip Version: 0.1a Category: Webapps...
WebVet 0.1a - 'id' SQL Injection
Exploit Title: WebVet 0.1a - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://webvet.exreality.net/ Software Link: https://netix.dl.sourceforge.net/project/webvet/webvet20130708.zip Version: 0.1a Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...
WebVet 0.1a SQL Injection
Exploit Title: WebVet 0.1a - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://webvet.exreality.net/ Software Link: https://netix.dl.sourceforge.net/project/webvet/webvet20130708.zip Version: 0.1a Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...
WebVet 0.1a - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WebVet 0.1a - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://webvet.exreality.net/ Software Link: https://netix.dl.sourceforge.net/project/webvet/webvet20130708.zip Version: 0.1a Category: Webapps Tested...
alternativemedia.fr XSS vulnerability
Open Bug Bounty ID: OBB-571269. Affected Website: alternativemedia.fr. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
inClick Cloud Server 5.0 - SQL Injection
Exploit Title: inClick Cloud Server 5.0 - SQL Injection Dork: N/A Date: 12.09.2017 Vendor Homepage: http://www.inclick.net/ Software Link: http://www.inclick.net/pageid/demo.html Demo: http://www.inclick.net/pageid/demo.html Version: 5.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
Authentication Bypass
apereo/phpCAS is vulnerable to authentication bypass. The bypass happens because it does not check the authentication of XML tag in the ticket while validating a CAS 2.0 ST or PT in validateCAS20 function of source/CAS/Client.php...
53KF /new/client.php SQL Injection Vulnerability
Exploitation process: 53KF uses the ThinkPHP framework. Injection URL: http://xxx.com/new/client.php?m=Statistic&a=setLost&field=chatrobotlost&type=plus&companyid0=1; the companyid0 parameter is vulnerable to time-based blind injection. payload: /new/client.php?m=Statistic&a=setLost&field=chatrobotlost&type=plus&companyid0=-1%20or%201!=sleep5limit%201%23between...
53KF /new/client.php file Arbitrary File Download Vulnerability
No description provided by source...