151 matches found
ackermann-leather.com XSS vulnerability
Vulnerable URL: http://www.ackermann-leather.com/info.php?L=1...
sandta.org.za XSS vulnerability
Vulnerable URL: https://www.sandta.org.za/info.php?cpc=111"alert/OPENBUGBOUNTY/...
ackermann-leder.de XSS vulnerability
Vulnerable URL: http://www.ackermann-leder.de/info.php?L=1...
adiregisterme.com XSS vulnerability
Vulnerable URL: https://adiregisterme.com/show-info.php?showid="alert/OPENBUGBOUNTY/...
da.zaoorel.ru XSS vulnerability
Vulnerable URL: http://da.zaoorel.ru/proinfo/info.php?proname=gtetris' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...
PHP Utility Belt Remote Code Execution
Exploit Title : PHP utility belt Remote Code Execution vulnerability Author : WICS Date : 8/12/2015 Software Link : https://github.com/mboynes/php-utility-belt Overview: PHP utility belt is a set of tools for PHP developers. Install in a browser-accessible directory and have at it. ajax.php is...
explorersweb.com XSS vulnerability
Open Bug Bounty ID: OBB-64126 Description| Value ---|--- Affected Website:| explorersweb.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2014-8351
SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty aka CNIL CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter...
Sql injection
SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty aka CNIL CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter...
CVE-2014-8351
SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty aka CNIL CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the domain parameter...
CVE-2014-8351
CVE-2014-8351 concerns CNIL CookieViz (info.php) prior to 1.0.1, where a SQL injection via the domain parameter allows remote servers to execute arbitrary SQL commands. The vulnerability affects CookieViz’s handling of input in info.php, enabling attacker-controlled SQL execution. Public referenc...
CVE-2014-3830
CVE-2014-3830 relates to a reflected XSS in TomatoCart 1.1.8.6.1, exploiting the faqs_id parameter in info.php to inject script/HTML. The description confirms the affected product/version and the vulnerability class, but the available documents do not specify a vendor patch/version for remediatio...
CVE-2013-7389
Multiple cross-site scripting XSS vulnerabilities in D-Link DIR-645 Router Rev. A1 with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the 1 deviceid parameter to parentalcontrols/bind.php, 2 RESULT parameter to info.php, or 3 receiver parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in D-Link DIR-645 Router Rev. A1 with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the 1 deviceid parameter to parentalcontrols/bind.php, 2 RESULT parameter to info.php, or 3 receiver parameter to...
Alumni 1.0.8/1.0.9 - info.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29019/info Project Alumni is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow...
Gradman <= 0.1.3 (info.php tabla) Local File Inclusion Vulnerability
No description provided by source. Software: Gradman = 0.1.3 HomePage: http://gradman.xe1ido.com.mx/ Software: Gradman = 0.1.3 Exploit: Local File Inclusion High Dork: powered by Gradman Bug Found By: Syndr0me! site: www.remoteexecution.es Where: info.php?tabla= Greetz: S4nt0!, Yubix, Xarnuz,...
BS Scripts Directory (info.php) SQL Injection Vulnerability
No description provided by source. Exploit Title: BS Script Directory remote SQL injection vulnerability Date: 15th july 2010 Author: D4rk357 Critical:high contact:d4rk357atyahoodotin Price : 24.95 $ Software Link:http://www.brotherscripts.com/productinfo.php?productsid=454 Greetz to :b0nd,...
Command injection
TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code via shell metacharacters in the command parameter to 1 inc/filefunctions.inc or 2 info.php...
CVE-2012-1920
@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...
CVE-2012-1920
@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...