jnlwp.defense.gov XSS vulnerability

Open Bug Bounty ID: OBB-556973 Description| Value ---|--- Affected Website:| jnlwp.defense.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

easysite内容管理系统某简单粗暴的SQL注入

简要描述： web services是不会骗人的！ 大量gov站点采用了easysite内容管理系统。 详细说明： 1.soap注入 easysite webservice 文件： http://www.py.gov.cn/DesktopModules/CInfo/WebService/CInfoService.asmx 2.ArticleIDs参数存在SQL注入漏洞 随便找个放sqlmap里跑吧 POST /DesktopModules/CInfo/WebService/CInfoService.asmx HTTP/1.1 Host: dynamic.xmedu.gov.cn...

douran portal <= 3.9.0.23 Multiple Vulnerabilities

No description provided by source. Abysssec Inc Public Advisory Description : these vulnerabilites found one year ago and new version of this portal is not affect whith these vulnerabilites anymore but still lots of web site uses of old version and are vulnerable and also new version is not fully...

DotNetNuke DNNArticle插件 10.0 /DesktopModules/DNNArticle/DNNArticleRSS.aspx SQL注入漏洞

No description provided by source...

Accounting Portal Authentication Bypass

www.Ostoure.com | | Ostoure Security Research Team | | Title: Accounting Portal authentication Bypass | Vendor: Parsonline - Parsway ISP | Exploitation: Remote with browser ==================== - Description: ==================== The data in the admin folder "DesktopModules" can be accessed via a...

New Bug Found By Ostoure Sazan Sharif

www.Ostoure.com | | Ostoure Security Research Team | | Title: Accounting Portal authentication Bypass | Vendor: Parsonline - Parsway ISP | Exploitation: Remote with browser ==================== - Description: ==================== The data in the admin folder "DesktopModules" can be accessed via a...