49 matches found
EUVD-2018-7549
Malware in sbrugna...
EUVD-2018-7553
Malware in sbrugna...
EUVD-2018-7548
Malware in sbrugna...
EUVD-2018-9612
Malware in sbrugna...
EUVD-2018-7554
Malware in sbrugna...
EUVD-2018-7550
Malware in sbrugna...
EUVD-2018-7551
Malware in sbrugna...
EUVD-2018-7547
Malware in sbrugna...
CVE-2018-17870
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of accountchange.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683...
Open redirect
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of accountchange.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683...
BTITeam XBTIT cross-site scripting vulnerability (CNVD-2018-19430)
BTITeam XBTIT is an open source bittorrent tracking system. A cross-site scripting vulnerability exists in BTITeam XBTIT. Attackers can use the 'String.replace' function and 'eval' function to exploit the vulnerability to bypass the includes/crkprotection.php script of the anti-cross-site scripti...
BTITeam XBTIT Cross-Site Scripting Vulnerability (CNVD-2019-28273)
XBTIT is an open source tracking software. A stored cross-site scripting vulnerability exists in newsfeed /index.php?page=viewnews in BTITeam XBTIT 2.5.4. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via the headline of a news item...
CVE-2018-16361
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...
CVE-2018-16361
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...
CVE-2018-15684
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory /include/logs using predictable file names, which can lead to full path disclosure and leakage of sensitive data...
CVE-2018-15684
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory /include/logs using predictable file names, which can lead to full path disclosure and leakage of sensitive data...
CVE-2018-15678
An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting...
CVE-2018-15680
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtitusers table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack...
CVE-2018-15679
An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting...
CVE-2018-15681
An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully steals this cookie c...