7 matches found
EUVD-2019-4865
Malware in sbrugna...
CVE-2019-13364
admin.php?page=accountbilling in Piwigo 2.9.5 has XSS via the vatnumber, billingname, company, or billingaddress parameter. This is exploitable via CSRF...
PT-2023-11795 · Thinkific · Thinkific Online Course Creation Platform
Name of the Vulnerable Software and Affected Versions: Thinkific Thinkific Online Course Creation Platform version 1.0. Description: The issue is related to a Cross Site Scripting (XSS) vulnerability, allowing an attacker to execute arbitrary code remotely. The vulnerable component is the source cod...
Piwigo Cross-Site Scripting Vulnerability (CNVD-2019-31999)
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options (categories, tags, time), and more. A cross-site scripting vulnerability exists in Piwigo version 2.9.5 in admin.php?page=accountbilling. The vulnerability...
PT-2019-13294 · Piwigo · Piwigo
Name of the Vulnerable Software and Affected Versions: Piwigo version 2.9.5. Description: The issue concerns an XSS exploit via the "admin.php?page=account billing" endpoint, specifically through the vat number, billing name, company, or billing address parameters. This is also exploitable through...
Threat Outbreak Alert: Fake Account Billing Invoice Email Messages on July 11, 2013
Medium · Alert ID: 30046 · First Published: 2013 July 11 13:53 GMT · Last Updated: 2013 July 12 11:41 GMT · Version: 2 · Summary: Cisco Security has detected significant activity related to spam email messages that claim to contain an account billing invoice notification for the recipient. The text in the...
Design/Logic Flaw
vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile...