5 matches found
Cross site scripting
Metinfo 6.1.3 has reflected XSS via the admin/column/move.php langcolumnerr4 parameter...
CVE-2018-19835
CVE-2018-19835 affects MetInfo 6.1.3, with a reflected XSS in the admin/column/move.php parameter lang_columnerr4. The root cause is unsanitized input in that parameter, enabling an attacker to inject arbitrary script/HTML. Documented impact is reflected XSS; CVSS data (NVD) shows MEDIUM overall,...
appjob.com XSS vulnerability
Vulnerable URL: http://www.appjob.com/move.php?page=index.php?"OPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 10597929 VIP website status:| No Check appjob.com SSL...
CVE-2012-4393
Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use 1 addBookmark.php, 2 delBookmark.php, or 3 editBookmark.php in bookmarks/ajax/; 4 calendar/delete.php, 5 calendar/edit.php...
Alsco CMS SQL Injection
x Tybe: SQL Injection Vulnerabilities x Vendor: http://www.alscosoftware.com/ x Script Name: ALSCO CMS x author: PrinceofHacking x Team: Ashiyane Digital Security Team x Mail : PrincedotH4ck@gmaildotcom D0rk: inurl:"move.php?" site:.iq Exploit: http://localhost/path/move/Showarchiv.php?id=-1...