49 matches found
EUVD-2018-7549
Malware in sbrugna...
EUVD-2018-7553
Malware in sbrugna...
EUVD-2018-7548
Malware in sbrugna...
EUVD-2018-9612
Malware in sbrugna...
EUVD-2018-7554
Malware in sbrugna...
EUVD-2018-7550
Malware in sbrugna...
EUVD-2018-7551
Malware in sbrugna...
EUVD-2018-7547
Malware in sbrugna...
CVE-2018-17870
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of accountchange.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683...
Open redirect
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of accountchange.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683...
BTITeam XBTIT cross-site scripting vulnerability (CNVD-2018-19430)
BTITeam XBTIT is an open source bittorrent tracking system. A cross-site scripting vulnerability exists in BTITeam XBTIT. Attackers can use the 'String.replace' function and 'eval' function to exploit the vulnerability to bypass the includes/crkprotection.php script of the anti-cross-site scripti...
BTITeam XBTIT Cross-Site Scripting Vulnerability (CNVD-2019-28273)
XBTIT is an open source tracking software. A stored cross-site scripting vulnerability exists in newsfeed /index.php?page=viewnews in BTITeam XBTIT 2.5.4. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via the headline of a news item...
CVE-2018-16361
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...
CVE-2018-16361
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...
CVE-2018-15684
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory /include/logs using predictable file names, which can lead to full path disclosure and leakage of sensitive data...
CVE-2018-15684
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory /include/logs using predictable file names, which can lead to full path disclosure and leakage of sensitive data...
CVE-2018-15678
An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting...
CVE-2018-15681
An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully steals this cookie c...
CVE-2018-15677
The newsfeed aka /index.php?page=viewnews in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF...
CVE-2018-15679
An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting...