LocalTapiola: SQL Injection /webApp/sijoitustalous_peruutus locId parameter (viestinta.lahitapiola.fi)

Vulnerable script: /webApp/sijoitustalousperuutus Vulnerable parameter: locId Database: PostgreSQL PoC 1. TRUE, substrversion,1,10='PostgreSQL', Result: Ilmoittaumisesi on peruttu...

CVE-2005-4491

Multiple cross-site scripting XSS vulnerabilities in Sitekit CMS 6.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 textonly, 3 locID, and 4 lang parameters to a Default.aspx, and the 6 ClickFrom parameter to b Request-call-back.html and c...

CVE-2005-4491

Multiple cross-site scripting XSS vulnerabilities in Sitekit CMS 6.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 textonly, 3 locID, and 4 lang parameters to a Default.aspx, and the 6 ClickFrom parameter to b Request-call-back.html and c...