5 matches found
CVE-2020-14069
An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php...
Sql injection
An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php...
CVE-2020-14069
CVE-2020-14069 affects MK-AUTH 19.01, with SQL injection in the mkt/ PHP scripts (arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, wifi.php). Root cause is improper handling of user-supplied input leading to SQL injection. The public documents confirm the v...
dabbler.com XSS vulnerability
Vulnerable URL: http://dabbler.com/hotspot.php?ss=1%22%27--!%3E%3CScript%20/K/%3Econfirm/OPENBUGBOUNTY///%3C/Script%20/K/%3E%3C!-- Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 94442 VIP website status:| No Che...
castle.com XSS vulnerability
Vulnerable URL: http://castle.com/hotspot.php?ss=1%22%27--!%3E%3CScript%20/K/%3Econfirm/OPENBUGBOUNTY///%3C/Script%20/K/%3E%3C!-- Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 70063 VIP website status:| No Chec...