PT-2019-15863 · Intelbras · Intelbras Wrn 150

Name of the Vulnerable Software and Affected Versions: Intelbras WRN 150 version 1.0.18 Description: The issue allows for cross-site request forgery CSRF attacks, which can be used to change a password. This can be achieved by accessing the goform/SysToolChangePwd URI with GO=system password.asp...

allgood.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-678378 Description| Value ---|--- Affected Website:| allgood.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2005-4166

The CVE-2005-4166 entry documents a Cross-site Scripting (XSS) vulnerability in DUWare DUportal Pro 3.4.3, exploitable via the result parameter in password.asp. The affected component is password.asp within DUportal Pro 3.4.3; the root cause is input handling allowing script/HTML injection. The p...

Maxwebportal 1.36 - Password.asp Change Password (2) (PHP)

Maxwebportal 1.36 - Password.asp Change Password 2 PHP ------------------------------------------ / Config address - example: http://www.site.com/password.asp $url = "http://www.mohamad.com/password.asp"; $mh = "s1"; if webmaxportal version is : Version 1.35 and older please input $mh= "s1" if...

Maxwebportal 1.36 - 'Password.asp' Change Password (3)

!/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR - MAX Portal All Versions Exploit By : A l p h a P r o g r a m m e r Sirus-v ; E-Mail : [email protected] This Xpl Change Admin's Pass in This Portal !! Discovered by: s d Gr33tz To == mhp0rtal ,...

Maxwebportal <= 1.36 password.asp Change Password Exploit (2 - php)

No description provided by source. ?php / ------Trap-Set Underground Hacking Team-----------------mhp0rtal---------------------- Greetz to : Alphaprogrammer , Oilkarchack , Str0ke And Iranian Hacking & Security Teams : Alphast , IHS Team , Shabgard Security Team , Emperor Hacking TEam , CrouZ...

MaxWebPortal memKey Parameter SQL Injection

The remote host is running a version of MaxWebPortal that fails to properly sanitize input passed through the 'memKey' parameter to the 'password.asp' script. An attacker can exploit this flaw to modify database queries resulting in the disclosure of sensitive information, modification of data fo...

MaxWebPortal password.asp memKey Parameter SQL Injection

Binary data 2937.prm...

CVE-2003-0494

CVE-2003-0494 affects Snitz Forums 3.4.03 and earlier. The vulnerability is in password.asp: a remote attacker can reset passwords and gain privileges as other users by sending a direct request with a modified member id. Root cause appears to be parameter tampering on the member identifier, enabl...