ebank.ceag.kh.edu.tw XSS vulnerability

Open Bug Bounty ID: OBB-677837 Description| Value ---|--- Affected Website:| ebank.ceag.kh.edu.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ebankib.ebank.na XSS vulnerability

Vulnerable URL: https://ebankib.ebank.na/Retail/html/help.html%3C!%27/%22/%27/%22/--%3E%3C/Script%3E%3CImage%20Srcset=K%20/;%20Onerror=confirm%60OPENBUGBOUNTY%60%20//%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

PHPSHE SQL注入

简要描述： 默认配置验证绕过 详细说明： /include/plugin/payway/ebank/Receive.php中 ebankmd5 默认为空 ，可以生成sign绕过 include'../../../../common.php'; $cachepayway = cache::get'payway'; $payway = unserialize$cachepayway'ebank''paywayconfig'; $key = $payway'ebankmd5'; //默认为空 $void =trim$POST'void'; $vpmode =trim$POST'vpmode';...