AlertDanger Protection Bypass

genix/cms is vulnerable to alertDanger protection bypass. It is possible to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit=1 request...

Cross site request forgery (csrf)

GeniXCMS 1.0.2 allows remote attackers to bypass the alertDanger MSGUSEREMAILEXIST protection mechanism via a register.php?act=edit&id=1 request...

CVE-2017-8388

GeniXCMS 1.0.2 is affected by a protection bypass vulnerability that allows remote attackers to bypass the alertDanger MSG_USER_EMAIL_EXIST protection via a register.php?act=edit&id=1 request. The issue is consistently described across multiple sources (NVD entry, GHSA/OSV entries, and related ad...

hamburg-adressbuch.de XSS vulnerability

Vulnerable URL: http://www.hamburg-adressbuch.de/register.php?stichwort=%22+onmouseover%3Dalert%28%2FOPENBUGBOUNTY%2F%29+lol====alle=suchen=search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclose...

Sql injection

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter...

CVE-2017-5574

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter...

CVE-2017-5574

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows unauthenticated users to execute arbitrary SQL commands via the activation parameter...

GenixCMS register.php SQL injection vulnerability

Details source: http://www.hackersb.cn/shenji/107.html The vulnerability principle Program the root directory of the register. php, section 116 row to 118 line: if isset$GET'activation' code... $usr = Db::resultsprintf"SELECT FROM user WHERE activation = '%s' LIMIT 1", $GET'activation' ; Can be...

MetalGenix GeniXCMS SQL Injection Vulnerability

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF from MetalGenix Indonesia, which provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the register.php file in MetalGenix GeniXCMS versions prior to...

Sql injection

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...

CVE-2016-10096

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...

CVE-2016-10096

SQL injection vulnerability in register.php in GeniXCMS before 1.0.0 allows remote attackers to execute arbitrary SQL commands via the activation parameter...

CVE-2016-10096

GeniXCMS before 1.0.0 contains a SQL injection in register.php that can be triggered by the activation parameter to allow remote execution of arbitrary SQL. The issue is exposed in multiple references (e.g., CVE-2016-10096 and accompanying advisories) and is reported across NVD, CNVD, OSV, GHSA, ...

2481.com.au XSS vulnerability

Vulnerable URL:...

PHP Planner 0.4 SQL Injection

PHP Planner SQL Injection Vulnerability , Discovered by NA , NAattutanota.com ================================================================================= Description =========== This is a basic PHP Calendar with lots of features and possiblities. Uses mySQL as backend and is fitted with an...

kharp.net XSS vulnerability

Vulnerable URL: http://www.kharp.net/khp/register.php?conditionkhp=true Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website...

alphastress.com XSS vulnerability

Vulnerable URL: https://alphastress.com/register.php?ref=%22/%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29;%3C/script%3E%3C!-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3276121...

mtw.ru XSS vulnerability

Vulnerable URL: http://mtw.ru/register.php?order=94de4"...

shieldnow.fi XSS vulnerability

Vulnerable URL: http://www.shieldnow.fi/register.php?user=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Goog...

treene.com XSS vulnerability

Vulnerable URL: http://www.treene.com/register.php?user=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google...