EUVD-2005-2561

Malware in sbrugna...

CVE-2014-8490

CVE-2014-8490 is a Cross-Site Scripting (XSS) vulnerability in TennisConnect COMPONENTS 9.927. The issue allows an attacker to inject arbitrary web script or HTML through the pid parameter to index.cfm, as documented in the NVD entry. Public write-ups (PacketStorm) provide an example exploit titl...

CVE-2014-8490

Cross-site scripting XSS vulnerability in TennisConnect COMPONENTS 9.927 allows remote attackers to inject arbitrary web script or HTML via the pid parameter to index.cfm...

cisg-online.ch XSS vulnerability

Open Bug Bounty ID: OBB-619973 Description| Value ---|--- Affected Website:| cisg-online.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

acecma.org XSS vulnerability

Vulnerable URL: http://www.acecma.org/index.cfm?pn=6&1%22--!%3E%3CSvg/Onload=confirm%27OPENBUGBOUNTY%27%3E%22=10243=list=Date=Des=0=0&type1;=5 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

adobe.com XSS vulnerability

Vulnerable URL: http://www.adobe.com/cfusion/cfanniv/index.cfm?firstName=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.09.2016 Latest check for patch:| 26.09.2016 08:38 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

listofrandomwords.com XSS vulnerability

Vulnerable URL: http://listofrandomwords.com/index.cfm?blist Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 444984 Google Pagerank| 2 VIP website status:| No Check...

TennisConnect 9.927 Cross Site Scripting

CVE-2014-8490 TennisConnect COMPONENTS System XSS Cross-Site Scripting Security Vulnerability Exploit Title: TennisConnect "TennisConnect COMPONENTS System" /index.cfm pid Parameter XSS Product: TennisConnect COMPONENTS System Vendor: TennisConnect Vulnerable Versions: 9.927 Tested Version: 9.927...

CVE-2010-4915

CVE-2010-4915 affects ColdGen ColdBookmarks 1.22, with a vulnerability in the index.cfm function where the BookmarkID parameter in an EditBookmark action enables SQL injection, allowing remote attackers to execute arbitrary SQL commands. The issue is tied to improper handling of the BookmarkID in...

CVE-2010-4910

.Product: ColdGen ColdCalendar 2.06. Vulnerability: SQL injection in the index.cfm handling ViewEventDetails with the EventID parameter, allowing remote execution of arbitrary SQL commands. Root cause: Improper input handling leading to SQLi. Impact: potential data exposure/modification, dependin...

ColdUserGroup 1.06 Blind SQL Injection

!/usr/bin/python ColdGen - coldusergroup v1.06 0day Remote Blind SQL Injection Exploit Vendor: http://www.coldgen.com/ Found by: mrme ----------------------------------------------- Script provided 'as is', without any warranty. Use for educational purposes only. Do not use this code to do anythi...

ColdUserGroup 1.06 - Blind SQL Injection

ColdUserGroup 1.06 - Blind SQL Injection !/usr/bin/python ColdGen - coldusergroup v1.06 0day Remote Blind SQL Injection Exploit Vendor: http://www.coldgen.com/ Found by: mrme ----------------------------------------------- Script provided 'as is', without any warranty. Use for educational purpose...

QuickEStore 7.9 SQL Injection

======================================================================================== | Title : QuickEStore v.7.9 SQLInjection and Path Diclosure Download Vulnerability| | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

QuickEStore 7.9 - SQL Injection / Full Path Disclosure Download

======================================================================================== | Title : QuickEStore v.7.9 SQLInjection and Path Diclosure Download Vulnerability| | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

Sql injection

SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320...

CVE-2008-6434

SQL injection vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to execute arbitrary SQL commands via the LinkServID parameter...

Sql injection

SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote attackers to execute arbitrary SQL commands via the categorynbr parameter...

CVE-2008-6322

CVE-2008-6322 concerns an SQL injection in index.cfm of the CFMSource CFMBlog. The vulnerability is exploitable via the categorynbr parameter, enabling remote attackers to execute arbitrary SQL commands. The issue is characterized with CVSS v2.0 base score 7.5 (HIGH) and network access with low a...

CFMBLOG (index.cfm categorynbr) Blind SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= CFMBLOG index.cfm categorynbr Blind SQL Injection Vulnerability =================================================================...

CFMBLOG - 'categorynbr' Blind SQL Injection

-------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.offensivetrack.org contact : AlpHaATHACKERDOTBZ script : CFMBLOG download : null Demo : http://www.cfmblog.com Exploits : --=BLIND SQL INJECTION=--...