32 matches found
SQL injection
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
mijewels.com XSS vulnerability
Open Bug Bounty ID: OBB-367749 Description| Value ---|--- Affected Website:| mijewels.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...
sresolutions.com XSS vulnerability
Open Bug Bounty ID: OBB-260079 Description| Value ---|--- Affected Website:| sresolutions.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
beitrambam.org XSS vulnerability
Vulnerable URL: http://www.beitrambam.org/payment.php?notes=%3C/stYle/%3C/titLe/%3C/teXtarEa/%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 25.06.2016 Latest check for patch:| 25.06.2016 11:36 GMT Vulnerability type:| XSS Vulnerability...
thehamptonsynagogue.org XSS vulnerability
Vulnerable URL: http://www.thehamptonsynagogue.org/payment.php?notes=%3C/stYle/%3C/titLe/%3C/teXtarEa/%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4300811 VIP...
bethtikvahsynagogue.org XSS vulnerability
Vulnerable URL: http://www.bethtikvahsynagogue.org/payment.php?notes=%3C/stYle/%3C/titLe/%3C/teXtarEa/%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 26092271 VI...
erpub.org XSS vulnerability
Vulnerable URL: http://www.erpub.org/payment.php?email=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 6623500 Google Pagerank| 0 VIP...
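TinyShop SQL injection
Brief description: 20140926 Details: Because this is a payment flow, the order status is queried, so an order must be created first. In /protected/controllers/payment.php, the paybalance function, the totalfee variable: //balance payment method, server-side processing public function paybalance $sign = Req::post'sign';//get sign from POST $args = Req::post; unset$args'sign'; $totalfee = Req::post'totalfee';//taken directly from POST $attach =...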
Bosdates 3.x/4.0 Payment.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19191/info Bosdates is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...
Simply Sites RGV Local File Inclusion
Exploit for php platform in category web applications ===================================== Simply Sites RGV Local File Inclusion ===================================== Title : Simply Sites RGV Local File Inclusion Author: DevilZ TM Data : 2010-04-01 InformatioN Title : Simply Sites RGV Local File...
PT-2006-4803 · Bosdates · Bosdates
Name of the Vulnerable Software and Affected Versions: BosDates affected versions not specified Description: The issue concerns a remote file inclusion vulnerability in the payment.php file of BosDates. This vulnerability allows remote attackers to execute arbitrary PHP code by providing a URL in...
Bosdates 3.x/4.0 - Payment.php Remote File Inclusion
source: https://www.securityfocus.com/bid/19191/info Bosdates is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...