633 matches found
Design/Logic Flaw
The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fbfacebookid parameter to wp-admin/profile.php...
CVE-2018-5214
The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fbfacebookid parameter to wp-admin/profile.php...
Sql injection
PHP Scripts Mall Muslim Matrimonial Script has SQL injection via the view-profile.php memid parameter...
CVE-2017-17615
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter...
CVE-2017-17605
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter...
Sql injection
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter...
Sql injection
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter...
CVE-2017-17579
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter...
CVE-2017-17579
CVE-2017-17579 affects FS Freelancer Clone 1.0 (PHP/MySQL). Multiple connected sources confirm a SQL Injection vulnerability in profile.php with the u parameter (remote exploitation possible). Root cause is unsafely handled input leading to SQL commands being injected. In the CNVD/CNVD-2017-37404...
CVE-2017-17615
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter...
CVE-2017-17580
CVE-2017-17580 affects FS Linkedin Clone 1.0 and is a SQL Injection vulnerability exploitable via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. The issue is evidenced by CVSS metrics (2.0: base score 7.5, PARTIAL impacts; 3.1: base score 9.8, HIGH i...
CVE-2017-17579
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter...
indivibe.com XSS vulnerability
Vulnerable URL: http://www.indivibe.com/profile.php?id=13'" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2283335 VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|--- Vulnerabilit...
pixelitist.com XSS vulnerability
Vulnerable URL: http://pixelitist.com/profile.php?id=13'"150 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure...
law.knu.ac.kr XSS vulnerability
Vulnerable URL: http://law.knu.ac.kr/greeting/profile.php?id=%22%3EKeritzy%3Cimg%20src=x%20onerror=prompt%28/xssposed/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown ...
collegesearch.in XSS vulnerability
Vulnerable URL: https://www.collegesearch.in/send-profile.php?instituteid=2405%22%3E%3Ch1%3EM0ns7er%3C/h1%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3C/br%3E%3Cimg%20src=%22https://images.cooltext.com/4956678.gif%22%20width=%22166%22%20height=%2270%22%20alt=%22m0ns7er%22%20/%3E Details...
CVE-2017-10673
admin/profile.php in GetSimple CMS 3.x has XSS in a name field...
CVE-2017-10673
admin/profile.php in GetSimple CMS 3.x has XSS in a name field...
physics.dur.ac.uk XSS vulnerability
Vulnerable URL: https://www.physics.dur.ac.uk/profiles/profile.php?userid=--%3E%22%3E%3C/a%3E%3C/script%3E%3C/title%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
webhostingtalk.com XSS vulnerability
Vulnerable URL: http://www.webhostingtalk.com/profile.php?do=dismissnotice Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3634 Google Pagerank| 5 VIP website status:| Yes Check...