55 matches found
EUVD-2015-5488
Malware in sbrugna...
EUVD-2012-4853
Malware in sbrugna...
EUVD-2012-0897
Malware in sbrugna...
EUVD-2014-8927
Malware in sbrugna...
CVE-2014-9101
Multiple cross-site request forgery CSRF vulnerabilities in Oxwall 1.7.0 build 7907 and 7906 and SkaDate Lite 2.0 build 7651 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks or possibly have other unspecified impact v...
PT-2024-10976 · Oxwall · Oxwall
Name of the Vulnerable Software and Affected Versions: Oxwall version 1.8.7 Description: The issue allows an attacker to execute arbitrary commands via Phar deserialization or internal API server or via the url parameter. Recommendations: For Oxwall version 1.8.7, update to a version that fixes...
Oxwall (build 9900) has multiple vulnerabilities
Oxwall is a free, open source, community software platform based on PHP and MySQL. A cross-site scripting and URL redirection vulnerability exists in Oxwall version 1.8.0 build 9900. An attacker can exploit this vulnerability to perform unauthorized operations and view other user account...
Oxwall 1.8.0 Build 9900 Cross Site Scripting / Open Redirect
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Oxwall 1.8.0 build 9900 Fixed in: 1.8.2 Fixed Version Link: https://developers.oxwall.com/download Vendor Website: http://www.oxwall.org/ Vulnerability Type: XSS & Open Redirect Remote Exploitable: Yes Reported to vendor:...
Oxwall Forum Cross-Site Scripting Vulnerability
Oxwall is a web-based software platform that facilitates the use of PHP/MySQL. Oxwall Forum suffers from a cross-site scripting vulnerability that allows remote attackers to execute malicious code on the application side as a low-privileged user...
Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability
Document Title: =============== Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1740 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ====================================...
Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability
Document Title: =============== Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1740 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ====================================...
Oxwall Forum 1.8.1 Cross Site Scripting
Document Title: =============== Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1740 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID:...
Oxwall跨站请求伪造漏洞
No description provided by source...
CVE-2015-5534
Multiple cross-site request forgery CSRF vulnerabilities in Oxwall before 1.8 allow remote attackers to hijack the authentication of administrators for requests that 1 put the website under maintenance via the maintenanceenable parameter or 2 conduct cross-site scripting XSS attacks via the...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Oxwall before 1.8 allow remote attackers to hijack the authentication of administrators for requests that 1 put the website under maintenance via the maintenanceenable parameter or 2 conduct cross-site scripting XSS attacks via the...
CVE-2015-5534
CVE-2015-5534 affects Oxwall before 1.8. The vulnerability is a Cross-Site Request Forgery (CSRF) in the admin maintenance workflow: requests with maintenance_enable or maintenance_text parameters can be crafted by an attacker to hijack an administrator’s session and perform actions on the admin/...
CVE-2015-5534
Multiple cross-site request forgery CSRF vulnerabilities in Oxwall before 1.8 allow remote attackers to hijack the authentication of administrators for requests that 1 put the website under maintenance via the maintenanceenable parameter or 2 conduct cross-site scripting XSS attacks via the...
Oxwall Cross-Site Request Forgery Vulnerability
Oxwall is a fully functional SNS social networking system developed using PHP+MySQL. Oxwall has a cross-site request forgery vulnerability. The "/admin/pages/maintenance" script fails to properly validate the origin of HTTP requests. Allowing an attacker to steal cookies from other users, spread...
Oxwall 1.7.4 - Cross-Site Request Forgery
Oxwall 1.7.4 - Cross-Site Request Forgery Advisory ID: HTB23266 Product: Oxwall Vendor: http://www.oxwall.org Vulnerable Versions: 1.7.4 and probably prior Tested Version: 1.7.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendor Patch: September ...
Oxwall 1.7.4 - Cross-Site Request Forgery
Advisory ID: HTB23266 Product: Oxwall Vendor: http://www.oxwall.org Vulnerable Versions: 1.7.4 and probably prior Tested Version: 1.7.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendor Patch: September 8, 2015 Public Disclosure: October 22, 201...