40 matches found
Cross site scripting
FeehiCMS v2.1.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted payload injected into the Comment box under the Single Page module...
CVE-2022-40408
FeehiCMS v2.1.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted payload injected into the Comment box under the Single Page module...
FeehiCMS 跨站脚本漏洞
FeehiCMS is a Php-based CMS builder by Liufee's personal developer. feehiCMS version v2.1.1 has a security vulnerability that stems from the ability to inject carefully crafted payloads via the comment box under the single page module. No detailed vulnerability details are currently available...
PT-2022-25371 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: FeehiCMS versions 2.0.1.1 and prior Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via a crafted payload injected into the Comment box under the Single Page module...
CVE-2022-27961
A cross-site scripting XSS vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box...
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
Cross site scripting
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
CVE-2019-13341
In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php comment box, which can be used to get a user's cookie...
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on: Ubuntu...
Wordpress NOSpamPTI Plugin - Blind SQL Injection Vulnerability
Exploit for php platform in category web applications NOSpamPTI Wordpress plugin Blind SQL Injection Vendor product description NOSpamPTI eliminates the spam in your comment box so strong and free, developed from the idea of Nando Vieira http://bit.ly/d38gB8, but some themes do not support change...
WordPress Plugin NOSpamPTI - Blind SQL Injection
NOSpamPTI Wordpress plugin Blind SQL Injection Vendor product description NOSpamPTI eliminates the spam in your comment box so strong and free, developed from the idea of Nando Vieira http://bit.ly/d38gB8, but some themes do not support changes to the functions.php to this we alter this function...
WordPress NOSpamPTI 2.1 Blind SQL Injection Vulnerability
WordPress NOSpamPTI plugin version 2.1 suffers from a remote blind SQL injection vulnerability. NOSpamPTI Wordpress plugin Blind SQL Injection Vendor product description NOSpamPTI eliminates the spam in your comment box so strong and free, developed from the idea of Nando Vieira...
CVE-2010-4371
Buffer overflow in the inmod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box...
Buffer overflow
Buffer overflow in the inmod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box...
CVE-2010-4371
Buffer overflow in the inmod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box...
CVE-2010-4371
CVE-2010-4371 is a buffer overflow in Winamp’s in_mod plugin (pre-5.6) exploitable via the comment box. The OpenVAS/NVD records confirm the affected component and version range, with the root cause being a buffer overflow in in_mod. Impact is described as unspecified in the source, and no remedia...
CVE-2010-1048
Cross-site scripting XSS vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter aka the Comment Box in a noentryid action. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter aka the Comment Box in a noentryid action. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in assess.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the reports comment box in a continueassess action. NOTE: some of these details are obtained from third party information...