
10 matches found

Cvelist
added 2025/12/12 8:14 p.m. · 17 views

CVE-2024-58316 Online Shopping System Advanced 1.0 SQL Injection via Payment Success Parameter

Online Shopping System Advanced 1.0 contains a SQL injection vulnerability in the paymentsuccess.php script that allows attackers to inject malicious SQL through the unfiltered 'cm' parameter. Attackers can exploit the vulnerability by sending crafted SQL queries to retrieve sensitive database...

8.7 CVSS · 0.00095 EPSS
Exploits: 1 · References: 3

Vulnrichment
added 2025/12/12 8:14 p.m. · 1 views

CVE-2024-58316 Online Shopping System Advanced 1.0 SQL Injection via Payment Success Parameter

Online Shopping System Advanced 1.0 contains a SQL injection vulnerability in the paymentsuccess.php script that allows attackers to inject malicious SQL through the unfiltered 'cm' parameter. Attackers can exploit the vulnerability by sending crafted SQL queries to retrieve sensitive database...

8.7 CVSS · 7.2 AI score · 0.00095 EPSS
Exploits: 1 · References: 3

GithubExploit
added 2024/12/23 12:5 p.m. · 104 views

Exploit for Cross-site Scripting in Pnetlab

Open Redirect CVE-2024-51112 + Exploit Author: Fatime Zeh...

6.1 CVSS · 6.7 AI score · 0.00379 EPSS
Exploits: 3

Positive Technologies
added 2024/12/20 12:0 a.m. · 3 views

PT-2024-17262 · WordPress · Pkt1 Centro De Envios

Name of the Vulnerable Software and Affected Versions: PKT1 Centro de envios plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows unauthenticated...

6.1 CVSS · 8.6 AI score · 0.01684 EPSS
Exploits: 0 · References: 7

CNNVD
added 2023/08/22 12:0 a.m. · 2 views

OpenStack Horizon Input Validation Error Vulnerability

OpenStack Horizon is a Django-based project for OpenStack designed to provide complete OpenStack dashboards and an extensible framework for building new dashboards from reusable components. A security vulnerability exists in OpenStack Horizon versions 19.4.0 through 20.1.4 that stems from a...

6.1 CVSS · 6.1 AI score · 0.00326 EPSS
Exploits: 0 · References: 4

NVD
added 2023/04/25 4:15 p.m. · 7 views

CVE-2023-25314

Cross Site Scripting XSS vulnerability in World Wide Broadcast Network AVideo before 12.4, allows attackers to gain sensitive information via the success parameter to /user...

6.1 CVSS · 6.1 AI score · 0.00234 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2023/04/25 12:0 a.m. · 2 views

PT-2023-20025 · Avideo · Avideo

Name of the Vulnerable Software and Affected Versions: AVideo versions prior to 12.4 Description: The issue allows attackers to gain sensitive information via the success parameter to the "/user" API endpoint. This is a Cross Site Scripting XSS vulnerability, which means attackers can inject...

6.1 CVSS · 6 AI score · 0.00234 EPSS
Exploits: 0 · References: 5

OSV
added 2017/03/03 3:59 p.m. · 0 views

UBUNTU-CVE-2017-5614

Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter...

6.1 CVSS · 7.3 AI score · 0.00356 EPSS
Exploits: 1 · References: 3

Prion
added 2017/03/03 3:59 p.m. · 13 views

Open redirect

Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter...

5.8 CVSS · 6.2 AI score · 0.00356 EPSS
Exploits: 1 · References: 3 · Affected Software: 1

OSV
added 2017/03/03 3:59 p.m. · 0 views

CVE-2017-5614

Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter...

6.1 CVSS · 5.9 AI score
Exploits: 0 · References: 3