63 matches found
EUVD-2006-6461
Malware in sbrugna...
EUVD-2020-23649
Malware in sbrugna...
CVE-2020-36071
SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page...
WordPress RSVPMaker 9.3.2 SQL Injection
!/bin/bash Set the URL of the website running the vulnerable plugin url="http://example.com/wp-content/plugins/rsvpmaker/rsvpmaker-email.php" Set the number of columns in the query columns=5 response=$curl -s "$url" query=$echo "$response" | grep -oP 'FROM . WHERE .' payload="' UNION SELECT...
CVE-2020-36071
SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page...
SQL injection
SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page...
WordPress plugin RSVPMaker SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress...
CodeIgniter arbitrary code execution
system/libraries/Email.php in CodeIgniter before 3.1.3 allows remote attackers to execute arbitrary code by leveraging control over the email-from field to insert sendmail command-line arguments...
GTranslate < 2.9.7 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape the body parameter in the url_addon/gtranslate-email.php file before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue. Note: exploitation of the issue requires knowledge of the NONCE_SALT and NONCE_KEY alert/XSS/" / var form1 =...
Cross-Site Scripting (XSS)
simplesamlphp/simplesamlphp is vulnerable to cross-site scripting (XSS). The vulnerability exists through the unsanitized value of $this->text in Utils/EMail.php, which is subsequently rendered and executed when a browser loads www/errorreport.php...
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download Version: 0.7.0.2 Category: Webapps Tested on:...
madsoftgames.com XSS vulnerability
Open Bug Bounty ID: OBB-626779 Description| Value ---|--- Affected Website:| madsoftgames.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Hardcoded credentials
The PropertyHive plugin before 1.4.15 for WordPress has XSS via the body parameter to includes/admin/views/html-preview-applicant-matches-email.php...
johntaylorcarsales.com XSS vulnerability
Open Bug Bounty ID: OBB-500332 Description| Value ---|--- Affected Website:| johntaylorcarsales.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...
redpathmclean.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-500297 Description| Value ---|--- Affected Website:| redpathmclean.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure...
parkwaymotorgroup.com XSS vulnerability
Open Bug Bounty ID: OBB-500300 Description| Value ---|--- Affected Website:| parkwaymotorgroup.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
rexcarsales.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-500272 Description| Value ---|--- Affected Website:| rexcarsales.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure...
clitheroeroadcarsales.com XSS vulnerability
Open Bug Bounty ID: OBB-500233 Description| Value ---|--- Affected Website:| clitheroeroadcarsales.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated...
noble-cars.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-500227 Description| Value ---|--- Affected Website:| noble-cars.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure...
citycarsenfield.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-500216 Description| Value ---|--- Affected Website:| citycarsenfield.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosu...