36 matches found
CVE-2018-25384
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...
CVE-2018-25384 Wikidforum 2.20 Cross-Site Scripting via reply_text Parameter
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...
EUVD-2018-21906
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...
CVE-2018-25384
Wikidforum 2.20 contains a cross-site scripting vulnerability: authenticated attackers can inject JavaScript by submitting crafted HTML in the reply_text parameter via the rpc.php endpoint, causing scripts to execute in other users’ browsers when viewing forum replies. The CVE entry provides this...
CVE-2018-25384 Wikidforum 2.20 Cross-Site Scripting via reply_text Parameter
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...
WikidForum 跨站脚本漏洞
WikidForum is an open-source web-based forum management system developed by WikidForum. Version 2.20 of WikidForum has a cross-site scripting vulnerability. This vulnerability stems from the use of the replytext parameter to submit specially crafted HTML. As a result, authenticated attackers may...
PT-2026-44862
Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the reply text parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...
EUVD-2012-6370
Malware in sbrugna...
EUVD-2018-9813
Malware in sbrugna...
CVE-2018-18075
WikidForum 2.20 has SQL Injection via the rpc.php parentpostid or numrecords parameter, or the index.php?action=search selectsort parameter...
Wikidforum 2.20 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wikidforum 2.20 - Cross-Site Scripting Exploit Author: Amir Hossein Mahboubi Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
Wikidforum 2.20 - Cross-Site Scripting
Exploit Title: Wikidforum 2.20 - Cross-Site Scripting Date: 2018-10-10 Exploit Author: Amir Hossein Mahboubi Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link: https://sourceforge.net/projects/wikidforum/files/Wikidforum-com-ed.2.20.zip/download Version:...
Wikidforum 2.20 - Cross-Site Scripting
Wikidforum 2.20 - Cross-Site Scripting Exploit Title: Wikidforum 2.20 - Cross-Site Scripting Date: 2018-10-10 Exploit Author: Amir Hossein Mahboubi Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
CVE-2018-18075
WikidForum 2.20 has SQL Injection via the rpc.php parentpostid or numrecords parameter, or the index.php?action=search selectsort parameter...
Sql injection
WikidForum 2.20 has SQL Injection via the rpc.php parentpostid or numrecords parameter, or the index.php?action=search selectsort parameter...
CVE-2018-18075
WikidForum 2.20 is affected by an SQL Injection vulnerability exposed via the rpc.php (parent_post_id or num_records) parameters, or the index.php?action=search (select_sort) parameter. The issue, reported across multiple sources, indicates that unsafely constructed SQL queries can be influenced ...
CVE-2018-18075
WikidForum 2.20 has SQL Injection via the rpc.php parentpostid or numrecords parameter, or the index.php?action=search selectsort parameter...
Wikidforum 2.20 - select_sort SQL Injection
Wikidforum 2.20 - selectsort SQL Injection Exploit Title: Wikidforum 2.20 - 'selectsort' SQL Injection Date: 2018-10-08 Exploit Author: Seccops - Siber Güvenlik Hizmetleri https://seccops.com Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
Wikidforum 2.20 - message_id SQL Injection
Wikidforum 2.20 - messageid SQL Injection Exploit Title: Wikidforum 2.20 - 'messageid' SQL Injection Exploit Author: Ihsan Sencan Exploit Author: Ihsan Sencan Date: 2018-10-09 Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link:...
Wikidforum 2.20 - 'message_id' SQL Injection
Exploit Title: Wikidforum 2.20 - 'messageid' SQL Injection Exploit Author: Ihsan Sencan Exploit Author: Ihsan Sencan Date: 2018-10-09 Vendor Homepage: https://sourceforge.net/projects/wikidforum/ Software Link: https://sourceforge.net/projects/wikidforum/files/Wikidforum-com-ed.2.20.zip/download...