362 matches found
EUVD-2005-4021
Malware in sbrugna...
EUVD-2006-3750
Malware in sbrugna...
EUVD-2011-5059
Malware in sbrugna...
EUVD-2006-2699
Malware in sbrugna...
EUVD-2009-3005
Malware in sbrugna...
EUVD-2002-0096
Malware in sbrugna...
EUVD-2023-50320
Malicious code in bioql PyPI...
EUVD-2023-50319
Malicious code in bioql PyPI...
EUVD-2023-41662
Malicious code in bioql PyPI...
EUVD-2023-41661
Malicious code in bioql PyPI...
CVE-2023-37787
Multiple cross-site scripting XSS vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of /admin/router.php...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2011-4942
Multiple cross-site scripting XSS vulnerabilities in admin/configuration.php in Geeklog before 1.7.1sr1 allow remote attackers to inject arbitrary web script or HTML via the 1 subgroup or 2 confgroup parameters. NOTE: this vulnerability might require a user-assisted attack or a bypass of a CSRF...
CVE-2011-4647
Multiple cross-site scripting XSS vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote attackers to inject arbitrary web script or HTML via the 1 code or 2 raw BBcode tags...
CVE-2011-5159
Cross-site scripting XSS vulnerability in admin/configuration.php in Geeklog before 1.7.1sr1 allows remote attackers to inject arbitrary web script or HTML via the subgroup parameter, a different vulnerability than CVE-2011-4942...
CVE-2002-1917
CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header...
CVE-2005-4725
Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID...
Geeklog grp_desc parameter cross-site scripting vulnerability
Geeklog is free and open source blogging software. A cross-site scripting vulnerability exists in the Geeklog grpdesc parameter due to an incorrect validation of user-supplied input by the publichtml/admin/group.php script. An attacker could use the vulnerability to steal the victim's cookie-base...
Geeklog Ping Parameter Cross-Site Scripting Vulnerability
Geeklog is Geeklog open source an open source software . Can be used as Weblog, CMS or Web Portal. Geeklog v2.2.2 version of the cross-site scripting vulnerability , the vulnerability stems from the application of the user-supplied data lack of effective filtering and escaping , a remote attacker...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...