EUVD-2005-3308

Malware in sbrugna...

CVE-2024-29320

Wallos is affected by a SQL injection in versions prior to 1.15.3. The vulnerability stems from unsanitized input in the category and payment parameters to /subscriptions/get.php, enabling potentially unauthorized data access. Affected product: Wallos (open source personal subscription tracker); ...

CVE-2024-0734

A vulnerability was found in Smsot up to 2.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /get.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

Sql injection

A vulnerability was found in Smsot up to 2.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /get.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2024-0734 Smsot get.php sql injection

A vulnerability was found in Smsot up to 2.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /get.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the...

Smsot SQL Injection Vulnerability

Smsot is a professional community operation solution from China Motech Smsot company. A SQL injection vulnerability exists in Smsot 2.12 and earlier versions, which stems from the parameter tid in the file /get.php that causes SQL injection...

PT-2024-15791 · Smsot · Smsot

Name of the Vulnerable Software and Affected Versions: Smsot versions up to 2.12 Description: A critical issue has been found in Smsot, affecting an unknown functionality of the file /get.php. The manipulation of the tid argument leads to sql injection. This issue can be exploited remotely...

pmcomp.ru XSS vulnerability

Vulnerable URL: http://pmcomp.ru/my/s3/captcha/get.php?callback=prompt/OPENBUGBOUNTY/...

tricoloresports.com XSS vulnerability

Vulnerable URL: https://tricoloresports.com/get.php?callback=prompt/OPENBUGBOUNTY/...

Rockstar Games: CSRF in 'set.php' via age causes stored XSS on 'get.php' - http://www.rockstargames.com/php/videoplayer_cache/get.php'

Hello, Background: Sending a POST request to set.php with age='PAYLOAD' will cause a stored XSS on the GET.php file most likely caused by the cookie, since that's what the age is based on. For this vulnerability and in order to demonstrate BOTH CSRF and XSS I have written a simple script tested o...

esgexperience.com XSS vulnerability

Vulnerable URL: https://esgexperience.com/share/get.php?url='"'"SCRIPT"' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 8196379 Google Pagerank| 0 VIP website status:| No Check...

Cross site scripting

Cross-site scripting XSS vulnerability in get.php in the WP Microblogs plugin 0.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the oauthverifier parameter...

WordPress Microblog Plugin <= 0.4.0 - XSS

Because of this vulnerability in get.php, the attackers can inject arbitrary web script or HTML via the "oauthverifier" parameter. Solution Update the plugin...

PicsEngine 2 Beta Cross Site Scripting / SQL Injection

PicsEngine Application error message Vulnerability ================================================== Author indoushka ================================================== vendor : Powered by PicsEngine 2 Beta ================================================== Blind SQL Injection :...

KikChat - Local File Inclusion / Remote Code Execution

KikChat http://127.0.0.1/KikChat/myroom/shell.php?cmd=whoami;id;uname -a;pwd;ls -al makase banyak : tau lo bentor to hulandalo tamongodula'a wau tamohutata, dulo ito momongulipu \\\\\\\\\\\\\\\\\\\\\\\\\ p.s malandingalo wa'u sebenarnya mohutu sploitz bo sekedar koleksi saja...

CVE-2007-4170

Multiple PHP remote file inclusion vulnerabilities in AL-Athkar 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 include parameter to a Main.php and b get.php and the 2 exec parameter to c count.php...

CVE-2005-3308

Multiple cross-site scripting XSS vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 comment parameter in detail.php, 3 the username parameter in get.php, and 4 the search parameter in index.php...