sfoex.com XSS vulnerability

Open Bug Bounty ID: OBB-591400 Description| Value ---|--- Affected Website:| sfoex.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

foodplus-amcard.com XSS vulnerability

Open Bug Bounty ID: OBB-591382 Description| Value ---|--- Affected Website:| foodplus-amcard.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

onlinecca.com XSS vulnerability

Open Bug Bounty ID: OBB-591266 Description| Value ---|--- Affected Website:| onlinecca.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Sql injection

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the 1 newsid parameter to news/send.php, 2 threadid parameter to posts/edit.php, or 3 useremail parameter to users/password.php or 4 users/register.php. NOTE: these issues were SPLIT...

SiNG cms - Password.php Cross-Site Scripting

SiNG cms - Password.php Cross-Site Scripting source: https://www.securityfocus.com/bid/55168/info SiNG cms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...

SiNG cms 2.9.0 (email) Remote XSS POST Injection Vulnerability

Summary SiNG cms is a free modular Content Management System open source, based on a bunch of PHP / MySQL and intended use of the web server Apache. Description The application is prone to a reflected cross-site scripting vulnerability due to a failure to properly sanitize user-supplied input to...

Unfixed XSS vulnerability at www.farmville-trucos.com

Security researcher RME, has submitted on 27/12/2010 a cross-site-scripting XSS vulnerability affecting www.farmville-trucos.com, which at the time of submission ranked 7220580 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is...

CVE-2008-6729

PHPmotion

Cross site scripting

Cross-site scripting XSS vulnerability in password.php in Scripts For Sites SFS EZ Baby allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

CVE-2009-0532

Cross-site scripting XSS vulnerability in password.php in Scripts For Sites SFS EZ Baby allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

CVE-2009-0532

CVE-2009-0532 describes a Cross-Site Scripting (XSS) flaw in password.php of Scripts For Sites (SFS) EZ Baby. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially involving the u2 parameter. The NVD entry lists a base score of 4.3 (...

Sql injection

SQL injection vulnerability in @1 File Store 2006.03.07 allows remote attackers to execute arbitrary SQL commands via the id parameter to 1 functions.php and 2 user.php in the libs directory, 3 edit.php and 4 delete.php in control/files/, 5 edit.php and 6 delete.php in control/users/, 7 edit.php,...

CVE-2005-3046

SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field...

CVE-2005-3046

CVE-2005-3046 affects PhpMyFaq 1.5.1. The vulnerability is a SQL injection in password.php via the user field, enabling remote attackers to modify SQL queries and gain administrator privileges. Connected sources corroborate the issue and its impact; exploitation specifics are not provided beyond ...

PHPMyFAQ 1.5.1 - Password.php SQL Injection

PHPMyFAQ 1.5.1 - Password.php SQL Injection source: https://www.securityfocus.com/bid/14927/info phpMyFAQ is affected by an SQL injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input before using it in a SQL query. This vulnerability could...

PHPMyFAQ 1.5.1 - 'Password.php' SQL Injection

source: https://www.securityfocus.com/bid/14927/info phpMyFAQ is affected by an SQL injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input before using it in a SQL query. This vulnerability could permit remote attackers to pass malicious inp...