26 matches found
EUVD-2004-1837
Malware in sbrugna...
calendarsusa.com XSS vulnerability
Open Bug Bounty ID: OBB-258598 Description| Value ---|--- Affected Website:| calendarsusa.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
cargo-ni.co.rs XSS vulnerability
Vulnerable URL: http://www.cargo-ni.co.rs/register.asp?mess=1"...
ipsos-unex.de XSS vulnerability
Vulnerable URL: http://www.ipsos-unex.de/register.asp?rid=1"'--! Details: Description| Value ---|--- Patched:| No Latest check for patch:| 01.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3128408 VIP website status:| No Check ipsos-unex.de SSL connection:|...
neuratron.com XSS vulnerability
Vulnerable URL: http://www.neuratron.com/register.asp?setProduct=PSL=7.0.0=980=1%22--%3E%3Csvg/onload=;prompt/OPENBUGBOUNTY/;%3E2147457 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...
Expinion.net Member Management System 2.1 register.asp err Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9932/info It has been reported that a number of Member Management System scripts are prone to cross-site scripting vulnerabilities. These issues are reportedly due to a failure to sanitize user input and so allow HTML and...
Expinion.net Member Management System 2.1 error.asp err Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9932/info It has been reported that a number of Member Management System scripts are prone to cross-site scripting vulnerabilities. These issues are reportedly due to a failure to sanitize user input and so allow HTML and...
Snitz Forums 2000 Register.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7549/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL. It i...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to 1 Wizardtracking.asp, 2 wizardoe2.asp, 3 your-register.asp, 4 main-whyregister.asp, and 5 your.asp in home/, and other unspecified vectors...
CVE-2009-3905
Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to 1 Wizardtracking.asp, 2 wizardoe2.asp, 3 your-register.asp, 4 main-whyregister.asp, and 5 your.asp in home/, and other unspecified vectors...
CVE-2009-3905
Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to 1 Wizardtracking.asp, 2 wizardoe2.asp, 3 your-register.asp, 4 main-whyregister.asp, and 5 your.asp in home/, and other unspecified vectors...
Snitz Forums 2000 <= 3.4.07 register.asp 'Email' Parameter SQL Injection
The remote version of Snitz Forums 2000 is vulnerable to a SQL injection attack. The domain name of the email address passed to the 'Email' parameter of 'register.asp' is not sanitized before being used in a SQL query. A remote attacker could exploit this to execute arbitrary SQL queries. Note th...
Snitz Forums 2000 'register.asp' SQL注入漏洞
Bugraq ID: 35764 Snitz Forums 2000是一款基于ASP的论坛程序。 Snitz Forums 2000不正确处理用户输入,远程攻击者可以利用漏洞获得敏感信息或对数据库进行操作。 register.asp脚本对"Email"参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或对数据库进行操作。 Snitz Forums 2000 Snitz Forums 2000 3.4.7 目前没有解决方案提供: http://forum.snitz.com/...
CVE-2008-5633
SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information...
CVE-2008-5633
Actively exploitable SQL injection vulnerability in ActiveVotes 2.2, specifically via register.asp (parameters: username, password), enabling remote execution of arbitrary SQL. Root cause is improper input handling leading to query manipulation. Affected component: register.asp in ActiveVotes 2.2...
Unfixed XSS vulnerability at www.helgon.net
Security researcher Uber0n, has submitted on 12/05/2008 a cross-site-scripting XSS vulnerability affecting www.helgon.net, which at the time of submission ranked 14352 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/06/2008. It is currently...
eWebquiz v 8 (Auth Bypass) Remote SQL Injection Vulnerability
No description provided by source. ----------------------------بسم الله الرØمن الرØيم------------------------------ وما أوتيتم من العلم الا قليلا -------------------------------صدق الله العظيم------------------------------- Tybe:Auth Bypass...
ASPNuke <= 0.80 (register.asp) Remote SQL Injection Vulnerability
Title : ASPNuke = 0.80 register.asp Remote SQL Injection Vulnerability Author : ajann S.Page : http://www.aspnuke.com D.Page : http://sourceforge.net/project/showfiles.php?groupid=92470 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ASP Nuke...
CVE-2006-2737
utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action...
Nukedit 4.9.6 - Unauthorized Admin Add
Nukedit 4.9.6 - Unauthorized Admin Add KAPDA - Security Science Researchers Institute Advisory : http://www.kapda.ir/advisory-337.html Vendor : http://www.nukedit.com/ What is : Nukedit is a Free Content Management Vulnerability : Unauthorized Admin Add Exploit if "register.asp" be enable!...