barbizon.tv XSS vulnerability

Open Bug Bounty ID: OBB-674651 Description| Value ---|--- Affected Website:| barbizon.tv Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2005-4712

CRLF injection vulnerability in processsignup.php in PHP Handicapper allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the login parameter. NOTE: the vendor has disputed CVE-2005-3497, and it is possible that the dispute was intended to include this issue as well...

CVE-2005-4712

CVE-2005-4712 affects PHP Handicapper’s process_signup.php, where CRLF injection in the login parameter allows remote attackers to inject HTTP headers. The Red Hat entry repeats this description; other connected documents (e.g., PT Security) discuss a separate related issue (SQL injection) in the...

CVE-2005-3497

CVE-2005-3497 describes a SQL injection in PHP Handicapper’s process_signup.php via the serviceid parameter. Affected software is PHP Handicapper; vulnerability is in the server-side handling of the serviceid input, enabling remote attackers to execute arbitrary SQL commands. The issue was initia...