21 matches found
msa.org.au XSS vulnerability
Open Bug Bounty ID: OBB-258655 Description| Value ---|--- Affected Website:| msa.org.au Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
cto.med.umich.edu XSS vulnerability
Vulnerable URL: http://cto.med.umich.edu/main.asp?rolename=1"...
pfs.bmsonline.sg XSS vulnerability
Vulnerable URL: http://pfs.bmsonline.sg/main.asp?ApprovalType=1"...
skyapp-hr.retas.com.sg XSS vulnerability
Open Bug Bounty ID: OBB-255594 Description| Value ---|--- Affected Website:| skyapp-hr.retas.com.sg Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2010-4989
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter...
Ziggurat Farsi CMS - SQL Injection
Hello. Thank You For Your Perfect Web Site. Title : Ziggurat Farsi CMS SQL Injection Vulnerability Author: Arash Saadatfar InformatioN Title : Ziggurat Farsi CMS SQL Injection Vulnerability Author : Arash Saadatfar ExploiT Vulnerable File : http://server/main.asp?id=5945&grp=SQL Injection FinisH ...
Back-End CMS 5.0 - main.asp?id SQL Injection
Back-End CMS 5.0 - main.asp?id SQL Injection BackendCMS Version 5.0 SQl Injection Prodcut: BackendCMS Version 5.0 Home : http://www.backendcms.dk/ Vunlerability : SQL Injection Dork : find it yourself Discovred by: AnGeL25dZ Contact : [email protected] Greetz to : ALLAH All Members of HackTeach...
BackendCMS 5.0 (main.asp id) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================================== BackendCMS 5.0 main.asp id SQL Injection Vulnerability ======================================================== BackendCMS Version 5.0 SQl Injection Prodcut: BackendCMS Version 5.0...
Sql injection
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password pass parameter...
Sql injection
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username user parameter...
CVE-2008-6376
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password pass parameter...
CVE-2008-6391
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username user parameter...
CVE-2008-6391
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username user parameter...
CVE-2008-6376
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password pass parameter...
CVE-2008-6376
CVE-2008-6376 is a SQL injection vulnerability in Jbook’s main.asp that allows remote attackers to execute arbitrary SQL commands via the password (pass) parameter. The NVD entry reports a base score of 7.5 (HIGH) with NETWORK attack vector and low complexity, impact to confidentiality, integrity...
CVE-2008-6391
CVE-2008-6391 describes a SQL injection in main.asp of Jbook, allowing remote attackers to execute arbitrary SQL commands via the username (user parameter). The vulnerability is documented across NVD/NVD-derived records; exploitation details and affected versions are not provided in the included ...
Unfixed XSS vulnerability at www.sala.se
Security researcher Uber0n, has submitted on 29/09/2007 a cross-site-scripting XSS vulnerability affecting www.sala.se, which at the time of submission ranked 2242199 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/10/2007. It is currently...
LocazoList <= 2.01a beta5 (subcatID) Remote SQL Injection Vulnerability
No description provided by source. Title : LocazoList = v2.01a beta5 subcatID Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.locazo.net:81 Dork : "Powered by Locazolist Copyright ? 2006" $$ : $100 SQL---------------------------------------------------------...
Sql injection
SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to 1 login.asp and 2 main.asp...
CVE-2006-2265
The CVE-2006-2265 entry concerns a Cross-site Scripting vulnerability in the admin/main.asp page of Ocean12 Calendar Manager Pro 1.00. The vulnerability is triggered via the date parameter, enabling remote attackers to inject arbitrary script/HTML. Documented impact is limited to partial integrit...