1445 matches found
mebyonkernow.org XSS vulnerability
Vulnerable URL: https://www.mebyonkernow.org/pages/login.php?return=/articles/article.php?id=13'"

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.12.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 8583555
VIP website status:| No...
islamibankbd.com XSS vulnerability
Vulnerable URL: http://www.islamibankbd.com/login.php?msg="Please, Sign In.

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 21.12.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 33245
VIP website status:| Yes
Coordinated Disclosure...
clarksvillepartnershipdata.com XSS vulnerability
Vulnerable URL: http://clarksvillepartnershipdata.com/member/login.php?msg=Business Analyst

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 12.12.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website...
Cross site scripting
The out function in controllers/member/Login.php in dayrui FineCms 5.0.11 has XSS related to the Referer HTTP header with Internet Explorer...
CVE-2017-14194
The CVE-2017-14194 entry concerns dayrui FineCms version 5.0.11, where the out function in controllers/member/Login.php is reported to have an XSS vulnerability related to the Referer HTTP header in Internet Explorer. Multiple connected records (NVD, Red Hat, CNVD, CVE list mirrors, and regional ...
sga.columbusstate.edu XSS vulnerability
Vulnerable URL: https://sga.columbusstate.edu/sganet/login.php?msg=%22%3E%3Csvg/onload=alert/XSSPOSED/%3E

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 22.11.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VI...
icedearthguild.com XSS vulnerability
Vulnerable URL: http://www.icedearthguild.com/recruiting/login.php?destination=test"'- -!

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 14.11.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status...
tout-debrid.ch XSS vulnerability
Vulnerable URL: http://tout-debrid.ch/login.php

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.10.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 497683
VIP website status:| No
Check tout-debrid.ch SSL connection:| Grade: A...
CVE-2017-11581
dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php via a payload in the username field that does not begin with a '<' character...
Stellar.org: HTTP - Basic Authentication on https://www.stellar.org/wp-login.php
Greetings, noticed https://www.stellar.org/wp-login.php using basic authentication. PoC: YWRtaW46YWRtaW4= is base64 encode of admin:admin Impact: Vulnerable to client side attacks. Vulnerable to MITM attack. Vulnerable to Eavesdropping attack. Vulnerable to Brute force attacks. Fix: HTTP-Basic...
cvsnwk.org XSS vulnerability
Vulnerable URL: http://www.cvsnwk.org/cvsm/login.php

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 29.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 4223347
VIP website status:| No
Check cvsnwk.org SSL connection:| Grade: F...
my.cashtrain.com.au XSS vulnerability
Vulnerable URL:...
punt.nl XSS vulnerability
Vulnerable URL: http://www.punt.nl/login.php/'-alert'OPENBUGBOUNTY'-'

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 134247
VIP website status:| No
Check punt.nl SSL connection:|...
CaseAware Cross Site Scripting
Exploit Title: CaseAware Cross Site Scripting Vulnerability Date: 20th May 2017 Exploit Author: justpentest Vendor Homepage: https://caseaware.com/ Version: All the versions Contact: [email protected] CVE : 2017-5631 Source:...
CVE-2016-10329
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header...
CVE-2016-10329
Affected product: Synology Photo Station (prior to version 6.5.3-3226). Vulnerability: Command injection in login.php that allows remote attackers to execute arbitrary code through shell metacharacters in a crafted X-Forwarded-For header. Impact: Remote code execution with high risk (as noted by ...
Cross site scripting
An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter i.e., "usr" that is transmitted in the login.php query string...
CVE-2017-5631
An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter i.e., "usr" that is transmitted in the login.php query string...
CVE-2016-10322
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php...
ciao.de XSS vulnerability
Vulnerable URL: https://www.ciao.de/login.php

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 34306
VIP website status:| Yes
Check ciao.de SSL connection:| Grade: A
Coordinated...