EUVD-2007-2793

Malware in sbrugna...

Csdjcms在在app/controllers/open.php处存在SQL注入漏洞

No description provided by source...

donchi.com XSS vulnerability

Vulnerable URL: http://www.donchi.com/open.php?imagename=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 12902251 Google Pagerank| 3 VI...

CVE-2014-4744

Multiple cross-site scripting XSS vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Phone Number field to open.php or 2 Phone number field, 3 passwd1 field, 4 passwd2 field, or 5 do parameter to account.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Phone Number field to open.php or 2 Phone number field, 3 passwd1 field, 4 passwd2 field, or 5 do parameter to account.php...

PHPOK3 business website built Station program injection-vulnerability warning-the black bar safety net

Author: jsbug original: http://lcx.cc/?FoxNews=1077.html Friends always stepping on my body to embark on DOTA Super God of the road, see the forum someone said phpok, taking advantage of the weekend, send on the head a gold, hope you can also be super-God. “phpok3/app/www/models/upfile.php”: the...

CVE-2008-6078

CVE-2008-6078 : In Limbo CMS, the Private Messaging (com_privmsg) component’s open.php is vulnerable to SQL injection via the id parameter in a pms action to index.php. The NVD entry cites a base CVSSv2 score of 7.5 (HIGH) with network access, low attack complexity, and no authentication required...

Limbo CMS (Private Messaging Component) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Limbo CMS Private Messaging Component SQL Injection Vulnerability =================================================================== / Limbo CMS Private Messaging Compone...

limbocms-sql.txt

/ Limbo CMS Private Messaging Component Remote SQL Injection Vulnerability -------------------------------------------------------------------------- StAkeRathotmaildotit http://www.limboportal.com/index.php/option/downloads/task/download/id/108...

CVE-2007-2801

Multiple cross-site scripting XSS vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 err and 2 warn parameters. NOTE: the vendor disputes the significance of the issue, stating that...

osTicket Support Address DoS

The target is running at least one instance of osTicket 1.2.7 or earlier. Such versions are subject to a denial of service attack in open.php if osTicket is configured to receive mails using aliases. If so, a remote attacker can generate a mail loop on the target by opening a ticket with the...