189 matches found
CVE-2017-17636
The CVE-2017-17636 entry concerns MLM Forced Matrix 2.0.9 with a SQL injection in news-detail.php using the newid parameter. The vulnerability is described as exploitable remotely without authentication, with impact on confidentiality, integrity, and availability (per CVSS metrics: CVSSv2 base 7....
CVE-2017-17602
Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php showid or view-product.php pid parameter...
Advance B2B Script 2.1.3 - show_id pid SQL Injection
Advance B2B Script 2.1.3 - showid pid SQL Injection
Exploit Title: Advance B2B Script 2.1.3 - SQL Injection
Dork: N/A
Date: 08.12.2017
Vendor Homepage: https://www.phpscriptsmall.com/
Software Link: https://www.phpscriptsmall.com/product/advance-b2b-script/
Demo: http://198.38.86.159/advancedb2b/...
calligarisstore.ca XSS vulnerability
Vulnerable URL: http://calligarisstore.ca/product-detail.php?ItemID=1-Bed=Beds'"--!...
karllippard.com XSS vulnerability
Vulnerable URL: http://karllippard.com/Detail.php?weapon=1"...
mycar.pk XSS vulnerability
Vulnerable URL: http://mycar.pk//car-search-detail.php?RefID=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%2FXSSPOSED%2F%3E=Search

Details:

Description | Value
---|---
Patched: | Yes, at 27.11.2017
Latest check for patch: | 27.11.2017 09:23 GMT
Vulnerability type: | XSS
Vulnerability status: | Public...
samplerarchive.org XSS vulnerability
Vulnerable URL: http://samplerarchive.org/detail.php?said=1/-///'/"//--...
gemsalongthemohawk.com XSS vulnerability
Vulnerable URL: http://gemsalongthemohawk.com/associate-detail.php?a=Vernon-Downs-Casino-&-Hotel=56%22%27--!%3E%3CHtml%20Onmouseenter=confirmOPENBUGBOUNTY%20%3C!--//%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 31.07.2017
Vulnerability type: | XSS
Vulnerability...
calligarisstore.ca XSS vulnerability
Vulnerable URL: http://calligarisstore.ca/product-detail.php?ItemID=1-Bed=Beds'"--!...
historymuseumonthesquare.org XSS vulnerability
Vulnerable URL: http://historymuseumonthesquare.org/archives/detail.php?AccessionNumber=1992-56-30-5=Campbell'"--!...
kinoplakate.de XSS vulnerability
Vulnerable URL: http://www.kinoplakate.de/detail.php?film=10249'"--!...
trinketsandtrash.org XSS vulnerability
Vulnerable URL: https://trinketsandtrash.org/detail.php?itemnumber=213662'"--!...
tnt CMS detail.php id Parameter SQL Injection Vulnerability
No description provided by source...
mcGallery 'lang' Parameter Multiple Cross Site Scripting Vulnerabilities
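Background: PhpForums.net mcGallery is a script for managing images on a website. Type: XSS. Impact: arbitrary web script or HTML can be injected. Analysis: PhpForums.net mcGallery 1.1 contains multiple cross-site scripting vulnerabilities. Remote attackers can inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, or (7) show.php...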
cniipdtice.dz XSS vulnerability
Open Bug Bounty ID: OBB-71523

Description | Value
---|---
Affected Website: | cniipdtice.dz
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Remediation Guide: | OWASP XSS Prevention Cheat Shee...
1001000.co.th XSS vulnerability
Vulnerable URL: http://www.1001000.co.th/news-detail.php?id='"/alert/XSSPOSED/...
CRUCMS Crucial Networking - SQL Injection Vulnerability
Document Title: CRUCMS Crucial Networking - SQL Injection Vulnerability
References Source: http://www.vulnerability-lab.com/getcontent.php?id=1497
Release Date: 2015-05-17
Vulnerability Laboratory ID VL-ID: 14...
TORNADO Computer Trading CMS - SQL Injection Vulnerability
Document Title: TORNADO Computer Trading CMS - SQL Injection Vulnerability
References Source: http://www.vulnerability-lab.com/getcontent.php?id=1489
Release Date: 2015-05-05
Vulnerability Laboratory ID VL-ID: ...
CVE-2014-8307
Multiple cross-site scripting (XSS) vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter in the "drop down TOP menu (with path)" section or (2) printthispage variable in the footercontentbloc...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter in the "drop down TOP menu (with path)" section or (2) printthispage variable in the footercontentbloc...