60 matches found
CVE-2016-5048
CVE-2016-5048 affects ReadyDesk 9.1 and targets the chat/staff/default.aspx login input. The user name field is vulnerable to SQL injection, allowing remote attackers to execute arbitrary SQL commands. The vulnerability is described in multiple sources (NVD entry and CERT/CC advisory) with a high...
Microsoft Education Cross Site Scripting
Document Title: =============== Microsoft Education - Stored Cross Site Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1897 Release Date: ============= 2016-08-10 Vulnerability Laboratory ID VL-ID: ====================================...
Fancier /travel/Default. aspx parameters leixing injection vulnerability
No description provided by source...
Crown State Library System /Ajax/Default. aspx file UserId parameter SQL injection vulnerability
No description provided by source...
workyi人才系统 Default.aspx 参数PID SQL注入
No description provided by source...
furniturecore.com XSS vulnerability
Vulnerable URL: http://furniturecore.com/Default.aspx?tabid=41=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 772285 Google Pagerank| 3 VIP website status:| No Check...
PKPMBS工程质量监督管理系统 guestbook.aspx和Default.aspx 2处SQL注入漏洞
No description provided by source...
search.wlbz2.com XSS vulnerability
Open Bug Bounty ID: OBB-63467 Description| Value ---|--- Affected Website:| search.wlbz2.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Sitekit CMS 6.6 Default.aspx Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16016/info Sitekit CMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
ifnuke - Multiple Vulnerabilities (0day)
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' Abysssec Inc Public Advisory Title : IfNuke Multiple Remote Vulnerabilities Affected Version : IfNuke 4.0.0 Discovery : www.abysssec.com...
Cross site scripting
Cross-site scripting XSS vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 aka 5.33.946.0 allows remote attackers to inject arbitrary web script or HTML via the query string...
CVE-2013-2504
Cross-site scripting XSS vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 aka 5.33.946.0 allows remote attackers to inject arbitrary web script or HTML via the query string...
Aryadad CMS SQL Injection Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0...
Sql injection
SQL injection vulnerability in Default.aspx in Aryadad CMS allows remote attackers to execute arbitrary SQL commands via the PageID parameter...
CVE-2012-0935
CVE-2012-0935 describes a SQL injection vulnerability in Aryadad CMS, exploitable via the PageID parameter in Default.aspx. The issue allows remote attackers to execute arbitrary SQL commands, with impact per the NVD vector: AV:N/AC:L/Au:N/C:P/I:P/A:P, base score 7.5 (HIGH). Public references (Ex...
BPTSoft Web Solution Group SQL Injection
HUT CNIS Exploit Title: BPTSoft Web Solution Group SQL INJECTION Vulnerability Date: 2012/1/1 Author: S.Azadi Google Dork: site:.ir intext:Copyright 2005-2009 BPTSoft Web Solution Group Vulnerability Type: SQL Injection Version: 2005-2009...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SmarterTools SmarterStats 6.2.4100 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Default.aspx and certain other files...
Kisanji Cross Site Scripting
|=----=----=----=----=----=--------=| | | /\ /\ \ /\ /\ \ everythin's black | //\ /\ \ \L\ \ \ \ \ no turning back | \ \ \ \ \ Default.aspx Cross Site Scripting |Author :Bl4ck.Viper |Vendor :http://kisanji.sourceforge.net/ |Email :[email protected] |Dork :Powered by Kisanji.org...
Sitecore CMS 'default.aspx' XSS
The remote host is running a version of Sitecore CMS that is reportedly affected by a cross-site scripting vulnerability. An attacker could exploit this to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site. %NASLMINLEVEL 703...
Code injection
The SmarterTools SmarterStats 6.0 web server sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving 1 Admin/frmSite.aspx, 2 Admin/frmSites.aspx, 3 Admin/frmViewReports.aspx, 4...