12 matches found
Clansphere CMS 2011.4 Cross Site Scripting
Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...
CVE-2022-43119
A cross-site scripting XSS vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter...
sphere 跨站脚本漏洞
OpenSourceCMS.com Clansphere CMS is an OpenSourceCMS.com open source application. Provides a CMS framework for building websites. A cross-site scripting vulnerability exists in Clansphere CMS v2011.4. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a special...
PT-2022-26761 · Unknown · Clansphere Cms
Name of the Vulnerable Software and Affected Versions: Clansphere CMS version 2011.4 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter. Recommendations: For Clansphere CMS version...
Clansphere Cross-Site Scripting Vulnerability
ClanSphere is a modular Web-CMS. A cross-site scripting vulnerability exists in Clansphere 2011.4. The vulnerability can be exploited to inject JavaScript via the "module" parameter...
Design/Logic Flaw
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...
CVE-2021-27309
Clansphere CMS 2011.4 is affected by an unauthenticated reflected Cross‑Site Scripting vulnerability via the "module" parameter. Exploitation could execute arbitrary JavaScript in the victim’s browser, potentially enabling session hijacking, defacement, or information theft. Remediation is to upg...
OpenSourceCMS.com Clansphere CMS 跨站脚本漏洞
ClanSphere is a modular Web-CMS. A cross-site scripting vulnerability exists in Clansphere 2011.4. The vulnerability can be exploited to inject JavaScript via the "language" parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php...
CVE-2014-100010
ClanSphere 2011.4 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php. The vulnerability is supported by multiple sources (NVD and OpenVAS) with a CVSS v2 base score of ...
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability
HTTPCS Advisory : HTTPCS127 Product : ClanSphere Version : 2011.4 Date : 2014-03-07 Criticality level : Less Critical Description : A vulnerability has been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'where'...
ClanSphere 2011.4 Cross Site Scripting
HTTPCS Advisory : HTTPCS127 Product : ClanSphere Version : 2011.4 Date : 2014-03-07 Criticality level : Less Critical Description : A vulnerability has been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'where'...