Lucene search

K

Smiley Security Vulnerabilities

cve
cve

CVE-2012-5558

Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley...

4.8CVSS

4.7AI Score

0.001EPSS

2020-01-09 09:15 PM
46
cve
cve

CVE-2015-4140

Cross-site request forgery (CSRF) vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows remote attackers to hijack the authentication of editors for requests that conduct cross-site scripting (XSS) attacks via the s4w-more parameter to the smilies4wp.php page to...

6.7AI Score

0.004EPSS

2015-06-18 06:59 PM
16
cve
cve

CVE-2015-4139

Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the s4w-more parameter to...

5.5AI Score

0.001EPSS

2015-06-18 06:59 PM
15
cve
cve

CVE-2006-6541

PHP remote file inclusion vulnerability in signer/final.php in warez distributions of Animated Smiley Generator allows remote attackers to execute arbitrary PHP code via a URL in the smiley parameter. NOTE: the vendor disputes this issue, stating that only Warez versions of Animated Smiley...

7.9AI Score

0.046EPSS

2006-12-14 02:28 AM
23
cve
cve

CVE-2006-5952

SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote attackers to execute arbitrary SQL commands via the Username...

8.8AI Score

0.098EPSS

2006-11-17 12:07 AM
19
cve
cve

CVE-2006-5238

Unspecified vulnerability in the file upload module in Blue Smiley Organizer before 4.45 has unknown impact and attack...

7AI Score

0.004EPSS

2006-10-12 12:07 AM
17
cve
cve

CVE-2006-5237

SQL injection vulnerability in Blue Smiley Organizer before 4.46 allows remote attackers to execute arbitrary SQL commands via unspecified...

8.8AI Score

0.003EPSS

2006-10-12 12:07 AM
19