rais.ornl.gov XSS vulnerability

Open Bug Bounty ID: OBB-619824 Description| Value ---|--- Affected Website:| rais.ornl.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

franklintempletonmutualfund.in XSS vulnerability

Vulnerable URL: http://franklintempletonmutualfund.in/people.php/%3C!%27/!%22/!/%27//%22/--!%3E%3CInput/Type=Text%20AutoFocus%20/;%20OnFocus=alertOPENBUGBOUNTY%20//%3E%3CSvg%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS...

igpp.ucla.edu XSS vulnerability

Vulnerable URL: http://www.igpp.ucla.edu/people.php?range=1"...

DEBIAN-CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2008-3760

Cross-site request forgery CSRF vulnerability in the sign-out page in Vanilla 1.1.4 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the sign-out page in Vanilla 1.1.4 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php...

CVE-2008-3758

Multiple cross-site scripting XSS vulnerabilities in Lussumo Vanilla 1.1.4 and earlier 1 allow remote attackers to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web script or HTML via the 2 Account picture...

Unfixed XSS vulnerability at www.essl.ucar.edu

Security researcher MaXWeL, has submitted on 19/05/2007 a cross-site-scripting XSS vulnerability affecting www.essl.ucar.edu, which at the time of submission ranked 9759 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/05/2007. It is currentl...

CVE-2005-0841

SQL injection vulnerability in 1 people.php, 2 track.php, 3 edit.php, 4 document.php, 5 census.php, 6 passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via 1 the person parameter to people.php or 2 the Login...

CVE-2005-0841

SQL injection vulnerability in 1 people.php, 2 track.php, 3 edit.php, 4 document.php, 5 census.php, 6 passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via 1 the person parameter to people.php or 2 the Login...