CVE-2019-25505

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthlydeposit endpoint with malicious symbol values using boolean-based blind,...

EUVD-2019-19731

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthlydeposit endpoint with malicious symbol values using boolean-based blind,...

CVE-2019-25505

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthlydeposit endpoint with malicious symbol values using boolean-based blind,...

CVE-2019-25505

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthlydeposit endpoint with malicious symbol values using boolean-based blind,...

CVE-2019-25505 Tradebox 5.4 SQL Injection via symbol Parameter

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthlydeposit endpoint with malicious symbol values using boolean-based blind,...

CVE-2019-25505 Tradebox 5.4 SQL Injection via symbol Parameter

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthlydeposit endpoint with malicious symbol values using boolean-based blind,...

CVE-2019-25505

CVE-2019-25505 affects Tradebox 5.4. The vulnerability is an SQL injection via the symbol parameter in the monthly_deposit endpoint, allowing authenticated attackers to manipulate database queries. Reported techniques include boolean-based blind, time-based blind, error-based, and union-based SQL...

PT-2026-22960

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthly deposit endpoint with malicious symbol values using boolean-based blind,...

Directory Traversal

Overview gapless-crypto-clickhouse is a ClickHouse-based cryptocurrency data collection with zero-gap guarantee. 22x faster via Binance public repository with persistent database storage, USDT-margined futures support, and production-ready ReplacingMergeTree schema. Affected versions of this...

Stracker SQL注入漏洞

Stracker is an application by visegripped individual developers. Stracker suffers from a SQL injection vulnerability that stems from the fact that incorrect manipulation of the parameters symbol/startDate/endDate can lead to sql injection...

Tradebox CryptoCurrency - symbol SQL Injection

Tradebox CryptoCurrency - symbol SQL Injection Title: Tradebox - CryptoCurrency Buy Sell and Trading Date: 04.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.bdtask.com Software Link: tradebox.bdtask.com/demo-v5.3/ Version: 5.4 Category: Webapps Tested on: WAMPP @Win Software...

Unfixed XSS vulnerability at www.otcbb.com

Security researcher PaPPy, has submitted on 27/12/2008 a cross-site-scripting XSS vulnerability affecting www.otcbb.com, which at the time of submission ranked 49881 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/07/2009. It is currently...