galaxia-stb.de Open Redirect vulnerability OBB-3516776

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Sql injection in Tikiwiki

Hi, There are 2 sql injections in Tikiwiki 1.9.4 and maybe before versions : I There is a call to "getprocess" function in "tiki-g-adminprocesses.php" file, without checking "pid" parameter : File /tiki-g-adminprocesses.php, Line 35 : :: $info = $processManager-getprocess$REQUEST"pid"; Lets take ...