10 matches found
DomainMod 4.13 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMod = 4.13 - Cross-Site Scripting Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://domainmod.org/ Version: = 4.13 Tested on: Ubuntu 18.04.1 CVE: CVE-2019-15811 The software 'DomainMOD' is...
CVE-2019-15811
In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS...
CVE-2010-0636
Multiple cross-site scripting XSS vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web script or HTML via the 1 tab parameter to users.php and the PATHINFO to 2 day.php, 3 month.php, and 4 week.php. NOTE: some of these details are...
Meeting Room Booking System (MRBS) month.php area Parameter SQL Injection
The remote host is running Meeting Room Booking System MRBS, a PHP application for booking meeting rooms or other resources. The version of MRBS installed on the remote host fails to sanitize user-supplied input to the 'area' parameter of the 'month.php' script before using it to construct databa...
CVE-2008-4620
SQL injection vulnerability in Meeting Room Booking System MRBS before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to 1 month.php, and possibly 2 day.php and 3 week.php...
CVE-2008-3565
Multiple cross-site scripting XSS vulnerabilities in Meeting Room Booking System MRBS 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to 1 day.php, 2 week.php, 3 month.php, 4 search.php, 5 report.php, and 6 help.php. NOTE: the provenance of this...
Meeting Room Booking System (MRBS) 1.2.6 - month.php Cross-Site Scripting
Meeting Room Booking System MRBS 1.2.6 - month.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
phpical-xss.txt
PHP iCalendar alertdocument.cookie //---------------------------------------\ Greetz To: All Hackers Jose Luis Góngora Fernández / JosS!...
CVE-2006-2798
Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 LoName parameter in a week.php and b month.php and 2 AddressLink parameter in c event.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 LoName parameter in a week.php and b month.php and 2 AddressLink parameter in c event.php...