ventrilo.com XSS vulnerability
Open Bug Bounty ID: OBB-501245

Description | Value
---|---
Affected Website: | ventrilo.com
Open Bug Bounty Program: | Not created yet
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Disclosur...
SQL Injection Vulnerability in FiyoCMS status.php File
FiyoCMS is a content management system (CMS) for creating CMS templates. A SQL injection vulnerability exists in the FiyoCMS status.php file. An attacker can exploit the vulnerability to obtain sensitive database information...
CVE-2017-11631
dapur/app/appuser/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter...
ircddb.dstar.su XSS vulnerability
Vulnerable URL: http://ircddb.dstar.su/api/status.php?callback=prompt/OPENBUGBOUNTY/...
www1.meadjohnson.com XSS vulnerability
Vulnerable URL: http://www1.meadjohnson.com/privacy/getStatus.php?bg="

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 25.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / Not calculated
Google Pagerank | 0

VIP website status...
phpBugTracker 1.6.0 - Multiple Vulnerabilities
Advisory: Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities in phpBugTracker v.1.6.0
Advisory ID: SROEADV-2015-16
Author: Steffen Rösemann
Affected Software: phpBugTracker v.1.6.0
Vendor URL: https://github.com/a-v-k/phpBugTracker
Vendor Status: patched
CVE-ID: will asked to be...
ownCloud / ownCloud Infinite Scale Detection (HTTP)
HTTP based detection of ownCloud / ownCloud Infinite Scale (oCIS). SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2011-3819
WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files...
Information disclosure
WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files...
CVE-2006-4883
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php...
Path Disclosure in Turba of Horde
There is a path disclosure in status.php of the Turba module in Horde 2.1; you get this: Fatal error: Call to a member function on a non-object in /opt/local/apache/htdocs/horde/turba/status.php on line 12 NOTE: I observed that this only occurs in Turba...