Equipment Rental Script-1.0 - SQLi

Title: Equipment Rental Script-1.0 - SQLi Author: nu11secur1ty Date: 09/12/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/equipment-rental-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The packageid parameter appears t...

Fundraising Script 1.0 - SQLi

Title: Fundraising Script-1.0 SQLi Author: nu11secur1ty Date: 09/13/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/fundraising-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The cid parameter appears to be vulnerable to...

PT-2023-32649 · Unknown · Voovi Social Networking Script

Name of the Vulnerable Software and Affected Versions: Voovi Social Networking Script version 1.0 Description: A SQL injection vulnerability has been reported, affecting the videos.php endpoint in the id parameter. This could allow a remote attacker to send a specially crafted SQL query to the...

Cross site scripting

A vulnerability was found in PHP Jabbers Service Booking Script 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be initiated remotely. The identifier of...

CVE-2023-3557 GZ Scripts Property Listing Script preview.php cross site scripting

A vulnerability was found in GZ Scripts Property Listing Script 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /preview.php. The manipulation of the argument page/layout/sortby leads to cross site scripting. The attack may be initiated remotely. The...

PHPJabbers Travel Tours Script 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

hits script 1.0 - 'item_name' SQL Injection

Exploit Title: hits script 1.0 - 'itemname' SQL Injection Date: 2020-04-27 Exploit Author: SajjadBnd Vendor Homepage: https://hits.ir Software Link: http://dl.persianscript.ir/script/hitsir-script-persian%28PersianScript.ir%29.zip Software Linkmirror:...

Sql injection

SQL Injection exists in Professional Local Directory Script 1.0 via the sellerssubcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter...

CVE-2018-5973

CVE-2018-5973 affects the Professional Local Directory Script 1.0 (PHP/MySQL). The vulnerability is a SQL injection in which the attacker can inject SQL commands via the sellers_subcategories.php?IndustryID parameter, or via suppliers.php with IndustryID or CategoryID parameters. Reported PoCs an...

CVE-2017-17601

Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter...

Sql injection

Child Care Script 1.0 has SQL Injection via the /list city parameter...

Sql injection

Yoga Class Script 1.0 has SQL Injection via the /list city parameter...

Sql injection

Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter...

Sql injection

Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATHINFO to the /detail URI...

Sql injection

Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter...

Sql injection

Event Search Script 1.0 has SQL Injection via the /event-list city parameter...

Sql injection

Food Order Script 1.0 has SQL Injection via the /list city parameter...

Sql injection

Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter...

Sql injection

Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter...

Sql injection

Professional Service Script 1.0 has SQL Injection via the service-list city parameter...