30 matches found
Wordfence <= 5.1.4 - Cross-Site Scripting (XSS)
An attacker can inject arbitrary script via the vulnerable query string parameter val of the whois.php file...
all-nettools.com XSS vulnerability
Open Bug Bounty ID: OBB-52243 Description| Value ---|--- Affected Website:| all-nettools.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Unfixed XSS vulnerability at www.serveurs-hebergement.com
Security researcher Mystick, has submitted on 11/10/2008 a cross-site-scripting XSS vulnerability affecting www.serveurs-hebergement.com, which at the time of submission ranked 10933630 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/2008...
CVE-2008-4318
Observer 0.3.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter to 1 whois.php or 2 netcmd.php...
CVE-2008-4318
Observer 0.3.2.1 and earlier are affected by CVE-2008-4318, where remote attackers can execute arbitrary commands by injecting shell metacharacters into the query parameter of whois.php or netcmd.php. The vulnerability is reported as a vulnerable remote command execution in these PHP scripts, but...
CVE-2007-4334
The CVE-2007-4334 entry describes a cross-site scripting (XSS) vulnerability in Php-stats 0.1.9.2, specifically in whois.php. The underlying issue is an injection of arbitrary script/HTML via the IP parameter. This could allow an attacker to execute code in a victim’s browser when viewing the aff...
phpstats-xss.txt
I have found an xss in whois.php page of php-stats. http://phpstats.net/ Here is the XSS php-stats-path/whois.php?IP=%22%3E%3Cscript%3Ealertdocument.cookie;%3C/script%3E...
php-stats xss whois.php
I have found an xss in whois.php page of php-stats. http://phpstats.net/ Here is the XSS php-stats-path/whois.php?IP=223E3Cscript3Ealertdocument.cookie;3C/script3E...
PHP-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting
PHP-Stats 0.1.9.2 - WhoIs.php Cross-Site Scripting source: https://www.securityfocus.com/bid/25275/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scrip...
PHP-Stats 0.1.9.2 - 'WhoIs.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25275/info Php-Stats is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...