30 matches found
CVE-2018-25163
BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to...
CVE-2024-9327
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forgot.php. The manipulation of the argument useremail leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2024-9327 code-projects Blood Bank System forgot.php sql injection
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forgot.php. The manipulation of the argument useremail leads to sql injection. The attack can be initiated remotely. The exploit has been...
awi-application.org XSS vulnerability
Open Bug Bounty ID: OBB-698479; Affected Website: awi-application.org; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
BitZoom 1.0 - rollno SQL Injection
BitZoom 1.0 - rollno SQL Injection Exploit Title: BitZoom 1.0 - 'rollno' SQL Injection Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://bitzoom.sourceforge.io/ Software Link: https://excellmedia.dl.sourceforge.net/project/bitzoom/bitzoom-master.zip Version: 1.0...
scisoc.or.th XSS vulnerability
Open Bug Bounty ID: OBB-593353; Affected Website: scisoc.or.th; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
ma-formation-bafa.fr XSS vulnerability
Open Bug Bounty ID: OBB-592797; Affected Website: ma-formation-bafa.fr; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
rechargement.ascanis.fr XSS vulnerability
Open Bug Bounty ID: OBB-592794; Affected Website: rechargement.ascanis.fr; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
mainstreameng.co.nz XSS vulnerability
Open Bug Bounty ID: OBB-576896; Affected Website: mainstreameng.co.nz; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
holbrookemotorcompany.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-572084; Affected Website: holbrookemotorcompany.co.uk; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
portsmouthcardiac.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-572078; Affected Website: portsmouthcardiac.co.uk; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
cvcloud.me XSS vulnerability
Vulnerable URL: http://cvcloud.me/forgot.php?email=--!%3E%22%3E%3C/script%20%3E%3Ciframe/onload=alert%28/XSSPOSED/%29%3E Details: Patched: No; Latest check for patch: 25.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: Unknown / No...
CVE-2015-4725
Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the email parameter...
ad5.eu XSS vulnerability
Open Bug Bounty ID: OBB-48813; Affected Website: ad5.eu; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N; Remediation Guide: OWASP XSS Prevention Cheat Sheet...
Ananta Gazelle CMS - Update Statement SQL Injection
No description provided by source. Exploit Title: Ananta Gazelle CMS - Update Statement Sql injection Google Dork: - Date: 07-02-2012 Author: hackme Software Link: http://sourceforge.net/projects/ananta/files/stable/Gazelle 1.0 stable/AnantaGazelle1.0.zip/ Version: 1.0 stable Tested on: backbox 2...
PHP JOBWEBSITE PRO siteadmin/forgot.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/32570/info PHP JOBWEBSITE PRO is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow ...
Ananta Gazelle CMS upload statement for registration and fix-vulnerability warning-the black bar safety net
The head of the table: Ananta Gazelle CMS - Update Statement Sql injection Author: hackme Download address: http://sourceforge.net/projects/ananta/files/stable/Gazelle 1.0 stable/AnantaGazelle1.0.zip/ Impact version: 1.0 stable Test platform: backbox 2.1 First for my bad English, sorry + This...
Gazelle CMS - Multiple Vulnerabilities
Gazelle CMS - Multiple Vulnerabilities Exploit Title: AnantaGazelle Local File inclusion / Xss Vulnerabilities Date: 23/08/2010 Author: Sweet Contact : [email protected] Software Link: www.anantasoft.com Download:http://www.anantasoft.com/index.php?Gazelle%20CMS/Download Version: AnantaGazelle1...
Ananta Gazelle 1.0 SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: Ananta Gazelle SQL Injection Vulnerability Vendor: http://www.anantasoft.com/ Vulnerable Version: 1.0 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: Ananta Gazelle is a rich JavaScript enabled CMS with...