25 matches found
EUVD-2017-11164
Malware in sbrugna...
EUVD-2018-10630
Malware in sbrugna...
PHPGurukul Apartment Visitors Management System 安全漏洞
Apartment Visitors Management System is an apartment visitor management system. Apartment Visitors Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter visname in the file...
CVE-2017-20167
A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is...
Cross site scripting
A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is...
CVE-2017-20167 Minichan reports.php cross site scripting
A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is...
CVE-2017-20167
CVE-2017-20167 affects Minichan, with a cross-site scripting flaw in an unspecified part of reports.php. Manipulating the headline argument enables remote XSS. A patch is identified by fc0e732e58630cba318d6bf49d1388a7aa9d390e, and the vulnerability is associated with VDB-217785. Connected sources...
Design/Logic Flaw
A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/reports.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2017-20081
CVE-2017-20081 affects Hindu Matrimonial Script, specifically the file path /admin/reports.php. The vulnerability is described as a privilege-management flaw that can be exploited remotely, with exploits publicly disclosed. The connected documents provide concrete details on the affected componen...
CVE-2017-20081 Hindu Matrimonial Script reports.php privileges management
A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/reports.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2021-39413
Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...
CVE-2021-39413
Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...
Sql injection
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, categoryid and description in action/addproject.php; kindid, priorityid, projectid, statusid and title in action/addticket.php; and kindid and statusid in reports.php...
Ticketly 1.0 SQL Injection
Exploit Title: Ticketly 1.0 a 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql Affected Version: 1...
ghgenius.ca XSS vulnerability
Vulnerable URL: https://www.ghgenius.ca/reports.php?tag=Crude%20Oil%27%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 12.01.2018 Latest check for patch:| 12.01.2018 20:13 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alex...
CVE-2017-12776
SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter...
Sql injection
SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter...
CVE-2017-12776
CVE-2017-12776 affects NexusPHP 1.5. The reports.php file’s delreport parameter is vulnerable to SQL injection, enabling remote attackers to execute arbitrary SQL commands. Documented impact is high (CVSS v2 base 7.5, v3 base 9.8). No remediation details are provided in the connected documents; e...
CVE-2017-12776
SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter...
WHMCompleteSolution 3.x/4.x Multiple Vulnerabilities
No description provided by source. $b0x WHMCS WHMCompleteSolution 3.x / 4.x Multiple Vulnerability ! $b0x ZxH-Labs $b0x 1st-NOV-11 $b0x Www.Sec4ever.coM $b0x WH-03 On Windows IIS 6.0 ======================================================== b0x@1337b0x:/b0x/Exploits/WebAPP whoami ZxH-Labs |...