CVE-2018-6576

SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter...

puntoeacapo.net XSS vulnerability

Vulnerable URL: http://www.puntoeacapo.net/page.php?url=alert'OPENBUGBOUNTY'...

vergelegen.co.za XSS vulnerability

Vulnerable URL: http://www.vergelegen.co.za/Alpha/Page.php?SearchString="--!"=xImageID=1140000000== Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2480466 VIP website status:| No...

CVE-2017-7386

citymont/symetrie v.0.9.6 is vulnerable to a reflected XSS in symetrie-master/app/commands/page.php model parameter...

CVE-2017-7386

citymont/symetrie v.0.9.6 is vulnerable to a reflected XSS in symetrie-master/app/commands/page.php model parameter...

gasparin.cz XSS vulnerability

Vulnerable URL: http://gasparin.cz/page.php?page=co2/products/gmotors/gmotors"=en Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 12960412 VIP website status:| No Check gasparin.cz...

namaz.namaz.ir XSS vulnerability

Vulnerable URL: http://namaz.namaz.ir/page.php?cat=21=45";...

spectro.fr XSS vulnerability

Vulnerable URL: http://www.spectro.fr/pages/appc/contentmanager/page.php?ID=10025318=%3CSESSION%3E=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

ArtFrame CMS page.php parameters kid SQL injection vulnerability

No description provided by source...

ukvoices.co.uk XSS vulnerability

Vulnerable URL: http://www.ukvoices.co.uk/login-page.php?loginmsg=rk%22%3E%3Caudio%20src=x%20onerror=confirm%28%22XSSPOSED%22%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

CVE-2014-8307

Multiple cross-site scripting XSS vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 path parameter in the "drop down TOP menu with path" section or 2 printthispage variable in the footercontentbloc...

Open redirect

Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header to 1 index.php, 2 cart.php, 3 msg.php, or 4 page.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 path parameter in the "drop down TOP menu with path" section or 2 printthispage variable in the footercontentbloc...

Foundry CMS Multiple Vulnerability

Title: Foundry CMS Multiple Vulnerability + Date: 2014/07/20 + Author: Hekt0r + Vendor Homepage: www.design-foundry.co.uk + Tested on: Windows 7 & Kali Linux + Vulnerable Files: /page.php + Dork : intext:"Site by The Design Foundry" + Title: Foundry CMS Multiple Vulnerability + Date: 2014/07/20 +...

Ahhp Portal Page.PHP Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23658/info Ahhp Portal is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and...

RahnemaCo Page.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18435/info RahnemaCo is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver...

PHPX 3.x admin/page.php CSRF Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...

MyPHPDating 1.0 - SQL Injection Vulnerability

No description provided by source. MyPHPDating 1.0 SQL Injection Vulnerability \ ==============================================\ Software : MyPHPDating version 1.0 \ Date : 1/1/2012 \ Vendor : http://www.phponlinedatingsoftware.com/ \ Demo : http://www.phponlinedatingsoftware.com/demo.htm \ Get...

FaName 1.0 page.php name Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...

Izumi <= 1.1.0 (RFI/LFI) Multiple Include Vulnerability

No description provided by source. + Izumi = 1.1.0 RFI/LFI Multiple Include Vulnerability + Discovered by cr4wl3r cr4wl3r!linuxmail.org + Download : http://sourceforge.net/projects/izumi/files/ + Code : page.php requireonce$dirinstall . $dirsrc . common.php; + Example : x RFI :...