Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-41082 | CWE-79 | $500 | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | Critical | Remote | 2006-09-05 |
:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not properly sanitized in "comments.php". This can be used to post arbitrary HTML or web script code. attacked by comments.php with field comment & ... II. SQL Injection Vulnerability ------------------------------------------------- Parameter "id" is not properly sanitized before being used in SQL query. vulnerable Page is : "comments.php". This can be used make any SQL query by injecting arbitrary SQL code. Attacker can be execute this url : comments.php?id=[SQL Query]
Copyright ©2024 Exploitalert.