EUVD-2006-1538

Malware in sbrugna...

Starbucks: Reflected XSS on card.starbucks.com.sg/unsub.php via the 'ct' Parameter

gnux discovered a reflected XSS in https://card.starbucks.com.sg/unsub.php due to an unsanitized user-input via the ct parameter. @gnux— thank you for reporting this vulnerability and confirming the resolution...

flirtlocator.com XSS vulnerability

Vulnerable URL: http://flirtlocator.com/unsub.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check flirtlocator.com SSL...

seniorshousingcanada.com XSS vulnerability

Vulnerable URL: http://www.seniorshousingcanada.com/core/UnSub/UnSub.php?email=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown ...

seniorshousing.co.uk XSS vulnerability

Vulnerable URL: http://www.seniorshousing.co.uk/core/UnSub/UnSub.php?email=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...

thesgmall.com XSS vulnerability

Vulnerable URL: http://www.thesgmall.com/unsub.php?email=%27%22%3E%3E%3C/title%3E%27%22%3ESCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28/XSSPOSED/%29%3C/SCRIPT%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Public...

epromo.com.hk XSS vulnerability

Vulnerable URL: http://www.epromo.com.hk/fpsg/unsub.php?email=%27%22%3E%3E%3C/title%3E%27%22%3ESCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28/XSSPOSED/%29%3C/SCRIPT%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:|...

acme.org.uk XSS vulnerability

Vulnerable URL: http://www.acme.org.uk/unsub.php?email=%27%22%3E%3E%3C/title%3E%27%22%3ESCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28/XSSPOSED/%29%3C/SCRIPT%3E=3 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Public...

allylotion.com XSS vulnerability

Open Bug Bounty ID: OBB-51848 Description| Value ---|--- Affected Website:| allylotion.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...

CVE-2006-1534

Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...

Sql injection

Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via 1 the useremail parameter in a lostpass.php, and the 2 useremail and 3 userusername parameters in b sub.php and c unsub.php...