10 matches found
CVE-2018-25163
BitZoom 1.0 contains an unauthenticated SQL injection via the rollno and username parameters in forgot.php and login.php. The vulnerability allows arbitrary SQL queries, enabling extraction of database schema and table contents. Affected component: BitZoom 1.0 web application backend; root cause:...
CVE-2018-25163 BitZoom 1.0 SQL Injection via rollno Parameter
BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to...
CVE-2018-25163 BitZoom 1.0 SQL Injection via rollno Parameter
BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to...
BitZoom SQL Injection Vulnerability
BitZoom is a Bitcoin trading tool developed by the BitZoom company. Version 1.0 of BitZoom has a SQL injection vulnerability. This vulnerability stems from the rollno and username parameters in the forgot.php and login.php files, which allow for SQL injections. This could lead to the execution of...
nevadacb.com XSS vulnerability
Open Bug Bounty ID: OBB-598405

Description| Value
---|---
Affected Website:| nevadacb.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
supportsockshop.com XSS vulnerability
Vulnerable URL: http://www.supportsockshop.com/forgot.asp?OriginalURL=1"...
login.yorkdispatch.com XSS vulnerability
Vulnerable URL: https://login.yorkdispatch.com/PPYD-GUP/password-forgot/?cancel-url="/alert/openbugbounty/...
bettingexpert.com XSS vulnerability
Vulnerable URL: http://www.bettingexpert.com/user/forgot

Details:

Description| Value
---|---
Patched:| Yes, at 30.01.2016
Latest check for patch:| 30.01.2016 23:44 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 26318
Google Pagerank| 4
VIP website status:| Yes...
accounts.makerbot.com XSS vulnerability
Vulnerable URL: https://accounts.makerbot.com/forgot

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No

Check...
Phire CMS 1.1.2 - Multiple XSS Vulnerabilities
Latest Phire CMS suffers from multiple cross-site scripting vulnerabilities because of poor variable filtering.

Title: Phire CMS 1.1.2 - Multiple XSS
Vendor: phirecms.org - en.wikipedia.org/wiki/PhireCMS
Version: 1.1.2 Latest ATM
Demo: demo.phirecms.org
Date: 01.25.2014
Contact:...