16 matches found
CVE-2019-25749
Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guestadult parameter. Attackers can send POST requests to the cruises endpoint with crafted SQL payloads in the guestadu...
CVE-2019-25749 Joomla J-CruisePortal 6.0.4 SQL Injection via cruises
Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guestadult parameter. Attackers can send POST requests to the cruises endpoint with crafted SQL payloads in the guestadu...
CVE-2019-25749
Joomla J-CruisePortal 6.0.4 has an SQL injection in the cruises endpoint: authenticated attackers can send crafted SQL payloads via the guest_adult parameter in POST requests to read or modify database data. The CVSS indicates HIGH risk (7.1) with NETWORK, LOW exploit complexity, and LOW privileg...
CVE-2019-25749 Joomla J-CruisePortal 6.0.4 SQL Injection via cruises
Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guestadult parameter. Attackers can send POST requests to the cruises endpoint with crafted SQL payloads in the guestadu...
CVE-2019-25749
Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guestadult parameter. Attackers can send POST requests to the cruises endpoint with crafted SQL payloads in the guestadu...
PT-2026-50985
Name of the Vulnerable Software and Affected Versions Joomla J-CruisePortal version 6.0.4 Description An SQL injection allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code. This is achieved by sending POST requests to the "cruises" endpoint using crafted SQL...
cruises.work Cross Site Scripting vulnerability OBB-3043214
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cruises.work Cross Site Scripting vulnerability OBB-2989574
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
melbcruises.com.au Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1194780 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
res.calypsocruises.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1149296 Security Researcher DakkarKey Helped patch 407 vulnerabilities Received 6 Coordinated Disclosure badges Received 14 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting res.calypsocruises.com...
finaldestinations.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-446027 Description| Value ---|--- Affected Website:| finaldestinations.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...
vikingcruises.com XSS vulnerability
Open Bug Bounty ID: OBB-316491 Description| Value ---|--- Affected Website:| vikingcruises.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
vikingrivercruises.com XSS vulnerability
Vulnerable URL: http://www.vikingrivercruises.com/cruise-destinations/egypt/pathways-pharaohs/2017-cairo-nile-lakenasser/index.html?utmid='-alert'OPENBUGBOUNTY'-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:|...
MSC Cruises - Dangerous filesystem permissions, External URLs, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application MSC Cruises published at the 'play' market has multiple vulnerabilities...
AIDA Cruises - Customized SSL, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application AIDA Cruises published at the 'play' market has multiple vulnerabilities...
cruises.united.com XSS vulnerability
Vulnerable URL: https://cruises.united.com/profile/login.do?origin=javascript:confirm/XSSPOSED/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google...