5 matches found
EUVD-2020-16713
Malware in sbrugna...
The vulnerability of the “id” parameter in the “team.php”, “player.php”, and “club.php” scripts of the KandNconcepts Club CMS allows a hacker to perform XSS attacks.
The vulnerability of the “id” parameter in the “team.php”, “player.php”, and “club.php” scripts of the KandNconcepts Club CMS exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
CVE-2020-23973
KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'team.php,player.php,club.php' id parameter...
espnfc.com XSS vulnerability
Vulnerable URL: http://www.espnfc.com/player/127270/jordan-henderson?season=2014%27%22--!%3E%20%3C/script/%3E%3CSvg/Onload=confirmOPENBUGBOUNTY//%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
Luis Bernardo SQL Injection Vulnerability
Luis Bernard is a web application development framework. A SQL injection vulnerability exists in the idplayer parameter of the formseeplayer.php page of the Luis Bernard system. Because the program fails to adequately filter user-submitted input, an attacker could use this vulnerability to take...