Insufficient HTML Sanitization

Impact Affected versions can have malicious javascript code injected into the users browser by other authenticated users, as data fields retrieved from the database are not properly sanitized before displaying in various front-end views. The problem here stems from multiple issues: - Insufficient...

Cross-site Scripting (XSS) - Stored in archerysec/archerysec

Description The application is vulnerable to a Stored XSS attack. It is possible for an authenticated user to inject a JavaScript payload that will be executed in the web browser of the users viewing the concerned pages. When uploading a Burp scan, the XML field "issueBackground" of a vulnerabili...

Ulisse's Scripts 2.6.1 ladder.php SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================= Ulisse's Scripts 2.6.1 ladder.php SQL Injection Vulnerability ============================================================= Tested on: Windows Vista Home Premium and Linux...

Elite Gaming Ladders v3.0 SQL Injection Exploit

No description provided by source. Exploit Title: Elite Gaming Ladders v3.0 SQL Injection Exploit Date: January 3rd, 2010 Author: Sora Version: 3.0 Tested on: Windows and Linux ---------------------------------------- Elite Gaming Ladders v3.0 SQL Injection Exploit Contact: vhr95zw at hotmail dot...

osDate 1.1.7 multiple vulnerabilities

/ osDate 1.1.7 advisory / Date of written Advisory: ------------------------- July, 18 2006 Product: -------- OSdate = 1.1.7 Vendor: ------- http://tufat.com/ Description: ------------ osDate is a full fledged dating script which can be eaily integrated with phpBB and flashChat, and provides...