Cross site scripting

Victor CMS through 2019-02-28 allows XSS via the register.php userfirstname or userlastname field...

CVE-2020-15599

Victor CMS through 2019-02-28 allows XSS via the register.php userfirstname or userlastname field...

CVE-2020-15599

Victor CMS (pre-2019-02-28) is affected by CVE-2020-15599 due to stored XSS in the register.php form fields user_firstname and user_lastname. The vulnerability arises from insufficient input validation on client-side data, enabling execution of injected scripts in user browsers. A publicly docume...

CVE-2020-10106

CVE-2020-10106 affects PHPGurukul Daily Expense Tracker System 1.0. The Red Hat/NVD entries confirm a SQL injection via the email parameter in index.php or register.php, enabling dumping of the MySQL database and bypassing the login prompt. The vulnerability is driven by improper handling of user...

202CMS v10beta - Multiple SQL Injection

=========================================================================================== Exploit Title: 202CMS - 'loguser' SQL Inj. Dork: N/A Date: 20-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://sourceforge.net/projects/b202cms/ Software Link:...

CVE-2018-1000868

WeBid version up to current version 1.2.2 contains a Cross Site Scripting XSS vulnerability in userlogin.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must clic...

Cross site scripting

WeBid version up to current version 1.2.2 contains a Cross Site Scripting XSS vulnerability in userlogin.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must clic...

CVE-2018-1000868

WeBid up to version 1.2.2 is affected by a Cross-Site Scripting (XSS) vulnerability in user_login.php and register.php. The issue allows execution of JavaScript in a user’s browser when a victim user clicks a malicious link, via injected markup on the affected pages. The vulnerability is fixed af...

festzeit.ch XSS vulnerability

Open Bug Bounty ID: OBB-686788 Description| Value ---|--- Affected Website:| festzeit.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

trigpointing.uk XSS vulnerability

Open Bug Bounty ID: OBB-640908 Description| Value ---|--- Affected Website:| trigpointing.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

pizzashack.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-565648 Description| Value ---|--- Affected Website:| pizzashack.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

vinge.de XSS vulnerability

Open Bug Bounty ID: OBB-555140 Description| Value ---|--- Affected Website:| vinge.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

p4pconsulting.com XSS vulnerability

Open Bug Bounty ID: OBB-552969 Description| Value ---|--- Affected Website:| p4pconsulting.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

nextpart.ro XSS vulnerability

Open Bug Bounty ID: OBB-552966 Description| Value ---|--- Affected Website:| nextpart.ro Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

v.ht XSS vulnerability

Open Bug Bounty ID: OBB-551169 Description| Value ---|--- Affected Website:| v.ht Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

thestudentroom.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-449694 Description| Value ---|--- Affected Website:| thestudentroom.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

Sql injection

Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the 1 email parameter or 2 userid parameter to register.php...

stiell.be XSS vulnerability

Vulnerable URL: http://stiell.be/register.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline:...

krommetje.nl XSS vulnerability

Vulnerable URL: https://www.krommetje.nl/humo-gen/register.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosur...

stylees.de XSS vulnerability

Open Bug Bounty ID: OBB-307503 Description| Value ---|--- Affected Website:| stylees.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...