The vulnerability of the /htdocs/webinc/js/info.php component of the D-Link DIR-815 router’s microprogramming system allows a attacker to execute XSS attacks.

The vulnerability of the /htdocs/webinc/js/info.php component of the D-Link DIR-815 router’s microprogramming system exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by manipulating the RESULT...

HealthNode Hospital Management System 1.0 SQL Injection

Exploit Title: HealthNode Hospital Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://sunriseservices.biz/ Software Link: https://codecanyon.net/item/healthnode-hospital-management-system/22368747 Version: 1.0 Category: Webapps...

avanguard.com.tw XSS vulnerability

Open Bug Bounty ID: OBB-648786 Description| Value ---|--- Affected Website:| avanguard.com.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

PT-2017-15084 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 6.0.4 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the rowid parameter in the adherents/subscription/info.php file. Recommendations: For version 6.0.4, conside...

CVE-2005-1169

Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php...