SQL Injection

terminal42/contao-tablelookupwizard is vulnerable to SQL Injection. The vulnerability is caused by insufficient sanitization of widget values before they are passed to the database, which allows an attacker to execute arbitrary SQL commands...

PHPJ Callback Widget 1.0 Cross Site Scripting

Title: PHPJ-Callback-Widget-1.0-XSS-Stored-admin-Hijacking Author: nu11secur1ty Date: 01/26/2024 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/callback-widget/ Reference: https://portswigger.net/web-security/cross-site-scripting Description: The Callback Requests functi...