192 matches found
The Open ISES Project 3.30A - tick_lat SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: The Open ISES Project 3.30A - 'tick_lat' SQL Injection; Exploit Author: Ihsan Sencan; Vendor Homepage: http://openises.sourceforge.net/; Software Link: https://sourceforge.net/projects/openises/files/latest/download; Version:...
humum.net XSS vulnerability
Open Bug Bounty ID: OBB-661493; Affected Website: humum.net; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
kowollik.net XSS vulnerability
Open Bug Bounty ID: OBB-661164; Affected Website: kowollik.net; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
sbestway.com XSS vulnerability
Open Bug Bounty ID: OBB-641177; Affected Website: sbestway.com; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
Code injection
DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the egroup parameter to uploads/dede/stepselectmain.php because code within the database is accessible to uploads/dede/syscacheup.php...
soprassub.com XSS vulnerability
Vulnerable URL: http://soprassub.com/new/main.php?pg=03&subcat=x"'--!alert/Y4R4G/...
fodesco.fi XSS vulnerability
Vulnerable URL: https://www.fodesco.fi/main.php?sub=shop"'--!alert/Y4R4G/...
Cross site scripting
XSS exists in the loginform function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATHINFO to main.php...
CVE-2017-0378
XSS exists in the loginform function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATHINFO to main.php...
CVE-2017-0378
Removed by vendor...
leesandwiches.com XSS vulnerability
Vulnerable URL: http://www.leesandwiches.com/main.php?act=productlist=1/-///'/"//--...
WordPress Plugin WA Form Builder SQL Injection
Description: Type user access: any user. $_POST['waformsId'] is not escaped. WAFormBuilderuioutput is accessible for any user. File / Code: Path: /wp-content/plugins/wa-form-builder/main.php global $wpdb; echo 'SELECT * FROM '.$wpdb->prefix.'wapwaformbuilder WHERE Id = '.$_REQUEST['waformsId']; $formattr...
elevdelta.dk XSS vulnerability
Vulnerable URL: http://www.elevdelta.dk/main.php?v=1.09=math=regnomaten.swf=-1=3=%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E=buttlar&sub=crew&lang=en Details: Patched: No; Latest check for patch: 28.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed...
ifs-denmark.com XSS vulnerability
Vulnerable URL: http://ifs-denmark.com/main.php?id=services"'--!confirmOPENBUGOUNTY//...
vhs-swiss.com XSS vulnerability
Vulnerable URL: http://vhs-swiss.com/main.php?id=services"'--!confirmOPENBUGBOUNTY//...
lampangtc.ac.th XSS vulnerability
Vulnerable URL: http://www.lampangtc.ac.th/branch1/main.php?filename=kq7uPjdXguH20151222152125.pdf...
hutondigital.co.kr XSS vulnerability
Vulnerable URL: http://www.hutondigital.co.kr/main.php?cp=oxbbs=data=download=113=704=oxbbs...
project-audio.com XSS vulnerability
Open Bug Bounty ID: OBB-218872; Affected Website: project-audio.com; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
iadb.co.uk XSS vulnerability
Vulnerable URL: http://www.iadb.co.uk/romans/main.php?P=5"alert/OPENBUGBOUNTY/...