Classmates 1.1.1 Cross Site Scripting

Product: CLASSMATES Vendor: http://www.got.my http://www.got.my/CLASSMATES/ Vulnerable Version: 1.1.1 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The...

Deal Informer 4.8.0 Cross Site Scripting

Product: DEAL INFORMER Vendor: http://www.got.my http://www.got.my/DEAL-INFORMER/ Vulnerable Version: 4.8.0 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The...

Classifieds Ads 2.9.1 Cross Site Scripting

Product: CLASSIFIED ADS Vendor: http://www.got.my http://www.got.my/CLASSIFIED-ADS/ Vulnerable Version: 2.9.1 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The...

Got.my Link Exchange 1.8.9 SQL Injection

Vendor: http://www.got.my http://www.got.my/LINK-EXCHANGE-Script Vulnerable Version: 1.8.9 Vulnerability Type: SQL Injection Risk level: High Credit: Hector.x90 Vulnerability Details: The vulnerability exists due to failure in the "/admin/categories.php" script to properly sanitize user-supplied...

SQL injection in 4images

Vendor: http://www.got.my http://www.got.my/LINK-EXCHANGE-Script Vulnerable Version: 1.8.9 Vulnerability Type: SQL Injection Risk level: High Credit: Hector.x90 Vulnerability Details: The vulnerability exists due to failure in the "/admin/categories.php" script to properly sanitize user-supplied...