GYM MS 1.0 Cross Site Scripting

Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...

GYM MS - GYM Management System - Cross Site Scripting Vulnerability

Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 2022 Tested On: Kal...

Openfire 4.4.1 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: Multiple Cross-site Scripting Vulnerabilities in Openfire 4.4.1 Affected Software: Openfire Affected Versions: 4.4.1 Vendor Homepage: https://www.igniterealtime.org/ Vulnerability Type: Cross-site Scripting Severity: Medium Status: Fix...

Django CRM 0.2.1 Cross Site Request Forgery

Information -------------------- Advisory by Netsparker Name: Multiple CSRF Vulnerabilities in Django CRM 0.2.1 Affected Software: Django CRM Affected Versions: 0.2.1 Homepage: https://github.com/MicroPyramid/Django-CRM Vulnerability: Cross-site Request Forgery Severity: 8.8 High Status: Not Fixe...

Zurmo 3.2.6 Out Of Band Code Evaluation

Out of Band Code Evaluation Vulnerability in Zurmo 3.2.6 Information -------------------- Advisory by Netsparker Name: Out of Band Code Evaluation in Zurmo Affected Software: Zurmo Affected Versions: 3.2.6 Homepage: http://zurmo.org Vulnerability: Out of Band Code Evaluation Severity: Critical...

Zurmo 3.2.6 Open Redirection

Open Redirection Vulnerability in Zurmo 3.2.6 Information -------------------- Advisory by Netsparker Name: Open Redirection Vulnerability in Zurmo Affected Software: Zurmo Affected Versions: 3.2.6 Homepage: http://zurmo.org Vulnerability: Open Redirection Severity: Medium Status: Not Fixed...

Podcast Generator 2.7 Cross Site Scripting

Stored Cross-site Scripting Vulnerability in Podcast Generator 2.7 Information -------------------- Advisory by Netsparker Name: Stored Cross-site scripting in Podcast Generator 2.7 Affected Software: Podcast Generator Affected Versions: 2.7 Homepage: http://www.podcastgenerator.net/ Vulnerabilit...

GeniXCMS 1.1.5 Cross Site Scripting

Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5 Information -------------------- Advisory by Netsparker Name: Cross-site Scripting Vulnerabilities in GeniXCMS Affected Software: GeniXCMS Affected Versions: 1.1.5 Homepage: https://github.com/semplon/GeniXCMS Vulnerability: Cross-si...

FreshRSS 1.11.1 - Cross-Site Scripting

FreshRSS 1.11.1 - Cross-Site Scripting Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1 Information -------------------- Advisory by Netsparker Name: Multiple Cross-Site Scripting Vulnerabilities in FreshRSS Affected Software: FreshRSS Affected Versions: 1.11.1 Homepage:...

Fsociety Hacking Tools Pack

Fsociety Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation INSTALL & UPDATE Information Gathering : Nmap Setoolkit Port Scanning Host To IP wordpress user CMS scanner XSStracer Dork – Google Dorks...

Google Analyticator 6.4.9.4 Cross Site Scripting

Information -------------------- Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in Google Analyticator Affected Software : Google Analyticator WordPress Plugin Affected Versions: 6.4.9.4 and possibly below Vendor Homepage : https://wordpress.org/plugins/google-analyticator/...

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325

Information -------------------- Advisory by Netsparker. Name: XSS Vulnerability with QUERYSTRING and QUERYPARAMSTRING in TWiki Affected Software : TWiki Affected Versions: 6.0.1 and possibly below Vendor Homepage : http://www.twiki.org/ Vulnerability Type : Cross-site Scripting Severity :...

glFusion 1.3.0 SQL Injection

Information -------------------- Name : SQL Injection Vulnerability in glFusion Software : glFusion 1.3.0 and possibly below. Vendor Homepage : http://www.glfusion.org Vulnerability Type : Blind SQL Injection Severity : Critical Researcher : Omar Kurt Advisory Reference : NS-13-009 Description...

Achievo 1.4.5 - Multiple Vulnerabilities (1)

Information -------------------- Name : XSS, LFI and SQL Injection Vulnerabilities in Achievo Software : Achievo 1.4.5 and possibly below. Vendor Homepage : http://www.achievo.org Vulnerability Type : Cross-Site Scripting, Local File Inclusion and SQL Injection Severity : Critical Researcher :...

CMSMini 0.2.2 Cross Site Scripting

Information -------------------- Name : XSS Vulnerabilities in CMSMini Software : CMSMini 0.2.2 and possibly below. Vendor Homepage : http://sourceforge.net/projects/cmsmini/ Vulnerability Type : Cross-Site Scripting Severity : Critical Researcher : Canberk Bolat Advisory Reference : NS-12-012...

exponentcms 2.0.5 - Multiple Vulnerabilities

Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Onur Yılmaz...

Cross-site scripting vulnerability in Invision Power Board version 3.2.3

Information -------------------- Name : Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Software : Invision Power Board version 3.2.3 Vendor Homepage : http://www.invisionpower.com Vulnerability Type : Cross-site scripting Severity : High Researcher : Vasil A. [email protected]...

Invision Power Board 3.2.3 Cross Site Scripting

Name : Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Software : Invision Power Board version 3.2.3 Vendor Homepage : http://www.invisionpower.com Vulnerability Type : Cross-site scripting Researcher : Vasil A. [email protected] Description -------------------- Invision Power...

XSS vulnerability in Joomla 1.6.3

Information -------------------- Name : XSS vulnerability in Joomla 1.6.3. Software : All 1.6.x installs prior to and including 1.6.3 are affected. Vendor Hompeage : http://www.joomla.org Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity...

Redmine 1.1.1 Cross Site Scripting

Information -------------------- Name : XSS vulnerability in Redmine Software : all Redmine versions from 1.0.1 to 1.1.1 Vendor Homepage : http://www.redmine.org Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur Advisory Reference : NS-11-004 Description...