GO-2026-4626 Gokapi has privilege escalation via incomplete API-key permission revocation on user rank demotion in github.com/forceu/gokapi

Gokapi has privilege escalation via incomplete API-key permission revocation on user rank demotion in github.com/forceu/gokapi. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

EUVD-2020-17813

Malware in sbrugna...

CVE-2020-25122

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

CVE-2020-25122

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

Cross site scripting

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

CVE-2020-25122

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager...

CVE-2020-25122

CVE-2020-25122 affects the Admin CP of vBulletin 5.6.3 . The vulnerability is an XSS via a Rank Type to the User Rank Manager . According to CVSS data in the sources, the issue has a Network attack vector with Medium to Low impact depending on the metric (CVSS 3.1: base score 4.8, MEDIUM, require...

Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities

Exploit for php platform in category web applications Administrator optionsModify Current Theme" or use site.com/members/console.php?cID=61. You can then insert the PHP code of your choosing into Footer. In order to add or edit code you are required to provide a special Admin Key that was defined...

vBulletin adminCP Cross-Site Scripting

No description provided by source. .::vBulletin adminCP Cross-Site Scripting ::. Exploit Title: vBulletin adminCP Cross-Site Scripting Date: 2009 Author: Ashiyane Digital Security Members Cair3x Software Link: http://www.vbulletin.com/ Version: 3.8.4 and all Version Tested on: vBulletin 3.8.4 CVE...

vBulletin adminCP Cross Site Scripting

.::vBulletin adminCP Cross-Site Scripting ::. Exploit Title: vBulletin adminCP Cross-Site Scripting Date: 2009 Author: Ashiyane Digital Security Members Cair3x Software Link: http://www.vbulletin.com/ Version: 3.8.4 and all Version Tested on: vBulletin 3.8.4 CVE : Code : -::Forum Manager = Add Ne...

CVE-2007-0830

Multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the 1 User Group Manager, 2 User Rank Manager, 3 User Title Manager, ...

CVE-2007-0830

Multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the 1 User Group Manager, 2 User Rank Manager, 3 User Title Manager, ...

PT-2007-2273 · Vbulletin · Vbulletin

Name of the Vulnerable Software and Affected Versions: vBulletin version 3.6.4 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the Admin Control Panel AdminCP of vBulletin. These vulnerabilities allow remote authenticated administrators to inject arbitrary web...

VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability

VBulletin AdminCP Index.PHP Multiple Cross-Site Scripting Vulnerability vBulletin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker could exploit this vulnerability to have arbitrary script code execute in the...