Liferay Portal CE /html/portal/flash.jsp page cross-site scripting vulnerability

Liferay Portal CE is an open source enterprise networking platform. The platform is used to build company operations, business solutions. A cross-site scripting vulnerability exists in the /html/portal/flash.jsp page in Liferay Portal CE 7.0 GA4 and earlier versions. A remote attacker can exploit...

CVE-2017-1000425

Cross-site scripting XSS vulnerability in the /html/portal/flash.jsp page in Liferay Portal CE 7.0 GA4 and older allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in the "movie" parameter...

FS IMDB Clone SQL Injection Vulnerability

FS IMDB Clone is a set of PHP-based scripts for online movie ticket booking websites. A SQL injection vulnerability exists in FS IMDB Clone version 1.0. The vulnerability can be exploited to inject SQL by sending the 'f' parameter to the movie.php file, the 's' parameter to the tvshow.php file, o...

CVE-2017-17588

FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or showmiscvideo.php id parameter...

CVE-2007-6528

Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. dot dot and modified filename in the movie parameter...