EUVD-2006-0451

Malware in sbrugna...

CVE-2020-19048

Cross Site Scripting XSS in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the "Title" field found in the "Add New Forum" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'...

MyBB 跨站脚本漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MyBB MYBB team using PHP and MySQL. The software is easy to use, multi-language support, scalable and so on. A security vulnerability exists in MyBB, which stems from a cross-site scripting XSS vulnerability in version v1.8....

PT-2021-10278 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.20 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the Description field in the Add New Forum page. This can be achieved by doing an authenticated POST HTTP request to...

CVE-2019-10073

The "Blog", "Forum", "Contact Us" screens of the template "ecommerce" application bundled in Apache OFBiz are weak to Stored XSS attacks. Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16.11: 1858438, 1858543, 1860595 and 1860616...

S-CMS School Website Builder System SQL Injection Vulnerability at Forum Page

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A SQL injection vulnerability exists in the forum page of the S-CMS School Building System. An attacker can exploit the vulnerability to...

S-CMS School Building System SQL Injection Vulnerability at Forum Page (CNVD-2018-19275)

S-CMS school station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. A SQL injection vulnerability exists in the forum page of the S-CMS School Building System. An attacker can exploit the vulnerability to...

pudelzucht.de XSS vulnerability

Open Bug Bounty ID: OBB-627009 Description| Value ---|--- Affected Website:| pudelzucht.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

txbra.org XSS vulnerability

Open Bug Bounty ID: OBB-569104 Description| Value ---|--- Affected Website:| txbra.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Cross site scripting

Cross-site scripting XSS vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to index.php...

CVE-2009-4548

Multiple cross-site scripting XSS vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the categoryid parameter to 1 products.php, 2 article.php, 3 productdetails.php, or 4 reviews.php; the 5 forumid parameter to forum.php; or the 6...

Unfixed XSS vulnerability at www.suikast.de

Security researcher St@rExT, has submitted on 09/04/2007 a cross-site-scripting XSS vulnerability affecting www.suikast.de, which at the time of submission ranked 231406 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/04/2007. It is currentl...

Unfixed XSS vulnerability at www.cikcik.com

Security researcher St@rExT, has submitted on 07/06/2007 a cross-site-scripting XSS vulnerability affecting www.cikcik.com, which at the time of submission ranked 47755 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/06/2007. It is currently...

Unfixed XSS vulnerability at www.rehberlikportali.com

Security researcher cyber, has submitted on 30/03/2007 a cross-site-scripting XSS vulnerability affecting www.rehberlikportali.com, which at the time of submission ranked 81624 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 31/03/2007. It is...

Sql injection

SQL injection vulnerability in index.php in Phpclanwebsite aka PCW 1.23.1 allows remote attackers to execute arbitrary SQL commands via the 1 par parameter in the post function on the forum page and possibly the 2 pollid parameter on the poll page. NOTE: the pollid vector can also allow resultant...

CVE-2006-0444

SQL injection vulnerability in index.php in Phpclanwebsite aka PCW 1.23.1 allows remote attackers to execute arbitrary SQL commands via the 1 par parameter in the post function on the forum page and possibly the 2 pollid parameter on the poll page. NOTE: the pollid vector can also allow resultant...

CVE-2006-0444

SQL injection vulnerability in index.php in Phpclanwebsite aka PCW 1.23.1 allows remote attackers to execute arbitrary SQL commands via the 1 par parameter in the post function on the forum page and possibly the 2 pollid parameter on the poll page. NOTE: the pollid vector can also allow resultant...

ProjectApp 3.3 - 'forums.asp?keywords' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16011/info ProjectApp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

CVE-2005-3073

Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the 1 "mike", 2 "standard", or 3 "foundation" demo, allows attackers to inject Interchange Tag Language ITL elements into the forum/submit.html page...