18 matches found
EUVD-2016-2004
Malware in sbrugna...
made-in-provence.fr XSS vulnerability
Open Bug Bounty ID: OBB-554142

Description | Value
---|---
Affected Website: | made-in-provence.fr
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1...
aquariumconnection.com XSS vulnerability
Open Bug Bounty ID: OBB-501328

Description | Value
---|---
Affected Website: | aquariumconnection.com
Open Bug Bounty Program: | Not created yet
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
heraldgoa.in XSS vulnerability
Vulnerable URL: https://www.heraldgoa.in/listing.php?isajax=1id=6id=0%22%3E%3Ch1%3EM0ns7er%3C/h1%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3C/br%3E=13=5

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 02.09.2017
Vulnerability type: | XSS
Vulnerability status: | ...
ThisIsWhyImBroke Clone Script 4.0.0 - id Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Flippy AffilatePlatform – ThisIsWhyImBroke Clone Script v4.0.0 - SQL Injection Google Dork: N/A Date: 06.02.2017 Vendor Homepage: https://www.flippyscripts.com/ Software Buy:...
ThisIsWhyImBroke Clone Script 4.0 - id SQL Injection
ThisIsWhyImBroke Clone Script 4.0 - id SQL Injection Exploit Title: Flippy AffilatePlatform – ThisIsWhyImBroke Clone Script v4.0 - SQL Injection Google Dork: N/A Date: 06.02.2017 Vendor Homepage: https://www.flippyscripts.com/ Software Buy:...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or HTML via the name of a (a) file or (b) directory in a repository...
aWebNews 1.1 listing.php path_to_news Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22781/info aWebNews is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the...
CVE-2010-4504
Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter to (1) suggest-category.php and (2) suggest-listing.php...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter to (1) suggest-category.php and (2) suggest-listing.php...
CVE-2010-4504
CVE-2010-4504 affects eSyndiCat Directory 2.3. The vulnerability is a Cross-Site Scripting (XSS) flaw exploitable via the title parameter in two scripts, suggest-category.php and suggest-listing.php. Remote attackers could inject arbitrary web script or HTML as described in the CVE. The connected...
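WebSVN listing.php script restriction bypass information disclosure vulnerability
BUGTRAQ ID: 33343 CVECAN ID: CVE-2009-0240 WebSVN is a tool for browsing source code repositories online. When an SVN authz file is in use, the listing.php script in WebSVN does not properly restrict access to restricted repositories; remote attackers can read the changelog or diff of restricted projects via the "compare with previous" and "show changed files" links. CollabNet WebSVN 2.0 CollabNet WebSVN 1.7 beta Vendor patch: Debian ------ Debian has released a security advisory (DSA-1725-1) and corresponding patches for this issue...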
CVE-2009-0240
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter...
CVE-2009-0240
CVE-2009-0240 affects WebSVN 2.0 (and possibly 1.7 beta). listing.php can expose restricted project changelogs/diffs when using an SVN authz file, via a manipulated repname parameter. Root cause is improper access control in listing.php. Impact: remote authenticated users can read restricted cont...
Sql injection
SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the sort parameter...
CVE-2008-2919
CVE-2008-2919 describes an SQL injection in Gryphon gllcTS2 4.2.4, exploiting the sort parameter in listing.php. Root cause: unsafely handled user input leads to arbitrary SQL execution. Affects the listing.php path; impact is partial confidentiality, integrity, and availability. Public reference...
GLLCTS2 (listing.php sort) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================= GLLCTS2 listing.php sort Remote Blind SQL Injection Exploit ============================================================= !/usr/bin/perl gllcTS2 listing.php $sort Remote Blind S...
GLLCTS2 - sort Blind SQL Injection
GLLCTS2 - sort Blind SQL Injection !/usr/bin/perl gllcTS2 listing.php $sort Remote Blind SQL Injection Exploit Bug by: h0yt3r This one shows another vulnerability in the gllcTS2. There are many with simple injections Same Versions are affected. Also shows the concept of how to inject an ORDER BY...