6 matches found
PT-2026-55509
Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.5 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attacker...
PT-2026-27373
Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various POST parameters. Attackers can inject malicious SQL payloads into parameters like txtGender, religion, Fage, an...
CVE-2018-17061
BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results...
Debian Security Advisory DSA 2480-4 (request-tracker3.8)
The remote host is missing an update to request-tracker3.8 announced via advisory DSA 2480-4. OpenVAS Vulnerability Test $Id: deb24804.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2480-4 request-tracker3.8 Authors: Thomas Reinke Copyright: Copyright c 20...
CVE-2007-1176
Multiple cross-site scripting XSS vulnerabilities in WebAPP before 0.9.9.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 Gallery Comments pages, 2 Feedback pages, 3 Search Results pages, and 4 the Statistics Log viewer...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in WebAPP before 0.9.9.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 Gallery Comments pages, 2 Feedback pages, 3 Search Results pages, and 4 the Statistics Log viewer...