Lucene search
K

30 matches found

WPVulnDB
WPVulnDB
added 2014/12/08 1:19 p.m.15 views

Wordfence <= 5.1.4 - Cross-Site Scripting (XSS)

An attacker can inject arbitrary script via the vulnerable query string parameter val of the whois.php file...

4.3CVSS3.1AI score0.0119EPSS
Exploits0Affected Software1
Openbugbounty
Openbugbounty
added 2014/10/28 9:23 a.m.10 views

all-nettools.com XSS vulnerability

Open Bug Bounty ID: OBB-52243 Description| Value ---|--- Affected Website:| all-nettools.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score
Exploits0
xssed
xssed
added 2008/11/10 12:0 a.m.9 views

Unfixed XSS vulnerability at www.serveurs-hebergement.com

Security researcher Mystick, has submitted on 11/10/2008 a cross-site-scripting XSS vulnerability affecting www.serveurs-hebergement.com, which at the time of submission ranked 10933630 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/2008...

Exploits0References1
NVD
NVD
added 2008/09/29 7:25 p.m.44 views

CVE-2008-4318

Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to 1 whois.php or 2 netcmd.php...

10CVSS7.7AI score0.14037EPSS
Exploits0References3
CVE
CVE
added 2008/09/29 6:0 p.m.43 views

CVE-2008-4318

Observer 0.3.2.1 and earlier are affected by CVE-2008-4318, where remote attackers can execute arbitrary commands by injecting shell metacharacters into the query parameter of whois.php or netcmd.php. The vulnerability is reported as a vulnerable remote command execution in these PHP scripts, but...

10CVSS7.7AI score0.14037EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/08/14 6:0 p.m.45 views

CVE-2007-4334

The CVE-2007-4334 entry describes a cross-site scripting (XSS) vulnerability in Php-stats 0.1.9.2, specifically in whois.php. The underlying issue is an injection of arbitrary script/HTML via the IP parameter. This could allow an attacker to execute code in a victim’s browser when viewing the aff...

4.3CVSS5.6AI score0.01773EPSS
Exploits1References6Affected Software1
Packet Storm
Packet Storm
added 2007/08/14 12:0 a.m.25 views

phpstats-xss.txt

I have found an xss in whois.php page of php-stats. http://phpstats.net/ Here is the XSS php-stats-path/whois.php?IP=%22%3E%3Cscript%3Ealertdocument.cookie;%3C/script%3E...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/08/13 12:0 a.m.53 views

php-stats xss whois.php

I have found an xss in whois.php page of php-stats. http://phpstats.net/ Here is the XSS php-stats-path/whois.php?IP=223E3Cscript3Ealertdocument.cookie;3C/script3E...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2007/08/11 12:0 a.m.11 views

PHP-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting

PHP-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting source: https://www.securityfocus.com/bid/25275/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/08/11 12:0 a.m.22 views

PHP-Stats 0.1.9.2 - &#039;WhoIs.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/25275/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
Rows per page
Query Builder