tesionline.it XSS vulnerability

Open Bug Bounty ID: OBB-527799 Description| Value ---|--- Affected Website:| tesionline.it Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based...

apps.itsc.cuhk.edu.hk XSS vulnerability

Open Bug Bounty ID: OBB-303429 Description| Value ---|--- Affected Website:| apps.itsc.cuhk.edu.hk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

knoxrod.org XSS vulnerability

Vulnerable URL: https://www.knoxrod.org/recordings/logon.asp?RedirURL=1/-///'/"//--...

suport.gencat.cat XSS vulnerability

Vulnerable URL: http://suport.gencat.cat/framedesk/logon.asp?URL=%22%3E%3Cimg%20src=x%20onerror=confirm%22XSS%22%3E%3C/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

Shopping Tree Cross Site Scripting

Exploit Title: Shopping Tree Cross Site Scripting Google Dork: "Shopping Tree, Inc" Date: 14/08/2012 Author: IranianDarkCodersTeam Discovered By : Nafsh Site : http://idc-team.net/ Software Link: http://www.shoppingtree.com Bug : /logon.asp?msg= Xss Example :...

Cross site scripting

Cross-site scripting XSS vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different vector than CVE-2007-2804. NOTE: the provenance of this information is unknown; the details are obtained...

CVE-2007-5629

CVE-2007-5629 describes a cross-site scripting (XSS) vulnerability in ShoppingTree CandyPress Store 4.1, specifically in admin/logon.asp, where an attacker can inject arbitrary script/HTML via the msg parameter. The entry notes this as a different vector than CVE-2007-2804. The connected document...

Cross site scripting

Cross-site scripting XSS vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter...

CVE-2006-2258

Cross-site scripting XSS vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter...

Sql injection

SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter...

CVE-2006-2258

Cross-site scripting XSS vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter...

CVE-2006-2258

The CVE-2006-2258 entry describes a Cross-site scripting (XSS) vulnerability in Logon.asp of MaxxSchedule 1.0, exploitable via the Error parameter to inject arbitrary script/HTML. The issue affects the Logon.asp component of MaxxSchedule 1.0 and arises from improper handling of the Error paramete...

CVE-2006-2259

This CVE (CVE-2006-2259) is a SQL injection vulnerability in Logon.asp of MaxxSchedule 1.0, exploitable via the txtLogon parameter to execute arbitrary SQL commands. The NVD entry specifies a base score of 7.5 (HIGH) with network attack vector and low attack complexity, indicating remote exposure...

CVE-2006-2259

SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter...