28 matches found
EUVD-2017-7405
Malware in sbrugna...
EUVD-2014-5565
Malware in sbrugna...
CVE-2020-6213
SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXTPHTMLB, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, is vulnerable to reflected Cross-Site Scripting XSS via different URL parameters as it does not sufficiently encode user controlled inputs...
Apache Tiles: Unvalidated input may lead to path traversal and XXE
The value set as the DefaultLocaleResolver.LOCALEKEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing user-controlled data to this key may be relativel...
CVE-2020-6324
SAP Netweaver AS ABAPBSP Test Application sbspexttable, version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim�s brows...
CVE-2020-6324
The CVE-2020-6324 entry affects SAP NetWeaver AS ABAP (BSP Test Application sbspext_table) across SAP NetWeaver ABAP versions 700–755. The vulnerability is a Reflected Cross-Site Scripting issue triggered by an unauthenticated user sending a polluted URL; when the victim clicks, the attacker can ...
PT-2020-19098 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP Netweaver AS ABAP versions 700 through 755 Description: The issue allows an unauthenticated attacker to send a polluted URL to the victim. When the victim clicks on this URL, the attacker can read and modify the information available in t...
SAP NetWeaver AS ABAP Business Server Input Validation Error Vulnerability
SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. An input validation error vulnerability exists in SAP NetWeaver AS ABAP Business Server Pages Test Application IT00. The vulnerability stems from the network system...
CVE-2020-6217
SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...
CVE-2020-6217
SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...
CVE-2020-6217
The CVE-2020-6217 entry concerns SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, affected in versions 700–754, with a reflected XSS due to insufficient encoding of user-controlled inputs in the Web UI. The issue is documented across multiple sources (e.g., Red Hat, CNVD, CVE re...
PT-2020-19014 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754 Description: The issue allows an attacker to redirect users to a malicious site due to insufficient URL...
CVE-2017-17622
CVE-2017-17622 affects Online Exam Test Application Script 1.6 (PHP Scripts Mall India). A SQL injection exists in exams.php via the sort parameter, allowing a remote attacker to inject SQL commands. Exploit details appear in exploit-db (43291). The CNVD entry confirms remote exploitation; no pat...
Online Exam Test Application Script 1.6 SQL Injection
Exploit Title: Online Exam Test Application Script 1.6 - 'Exams.php 'sort' SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/online-exam-test-application/ Version: 1.6 Category: Webapps Tested on:...
Online Exam Test Application Script 1.6 - exams.php?sort SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Exam Test Application Script 1.6 - 'Exams.php 'sort' SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...
Online Exam Test Application Script 1.6 SQL Injection
Exploit Title: Online Exam Test Application Script 1.6 - 'Exams.php 'sort' SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/online-exam-test-application/ Version: 1.6 Category: Webapps Tested on:...
CVE-2017-14908
CVE-2017-14908 concerns the SafeSwitch test application on Android for MSM/CAF Linux builds (including Qualcomm components) not properly validating the number of blocks. Connected sources confirm the issue affects Android stacks (CAF Linux kernel-based builds) and can involve Qualcomm closed-sour...
CVE-2017-15989
Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action...
Sql injection
Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action...
CVE-2017-15989
The CVE-2017-15989 entry concerns Online Exam Test Application (PHP-based webapp by phpscriptsmall). The vulnerability is a SQL Injection via the resources.php sort parameter within a category action, as described in multiple sources (NVD/NVD-derived records; CVE pages; exploit references). Affec...