CVE-2025-50671

Summary : CVE-2025-50671 affects the D-Link DI-8003 firmware version 16.07.26A1 via a buffer overflow in the /xwgl_ref.asp endpoint. The issue arises from improper handling of request parameters, where crafted HTTP GETs with excessively long strings in name, en, user_id, shibie_name, time, act, l...

EUVD-2007-6518

Malware in sbrugna...

EUVD-2020-10587

Malware in sbrugna...

PT-2023-32512 · Unknown · Ics Business Manager

Name of the Vulnerable Software and Affected Versions: ICS Business Manager version 7.06.0028.7066 Description: A security issue has been identified, allowing a remote attacker to send a specially crafted string, exploiting the obdd act parameter. This could enable the attacker to steal an...

CVE-2023-39002

A cross-site scripting XSS vulnerability in the act parameter of systemcertmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-39002

A cross-site scripting XSS vulnerability in the act parameter of systemcertmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-39002

A cross-site scripting XSS vulnerability in the act parameter of systemcertmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Deciso OPNsense Cross-Site Scripting Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from the Dutch company Deciso. A cross-site scripting vulnerability exists in OPNsense versions prior to 23.7, which stems from a cross-site scripting XSS vulnerability in the act parameter of the systemcertmanager.php...

CVE-2023-39002

A cross-site scripting XSS vulnerability in the act parameter of systemcertmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2017-20142

A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection Union. The attack can be initiated remotely. The exploit has been disclosed to t...

GNUBOARD5 cross-site scripting vulnerability (CNVD-2021-45753)

GNUBOARD5 is a Web forum system based on PHP and MySQL. A cross-site scripting vulnerability exists in GNUBOARD5 5.3.2.8 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the act parameter in bbs/moveupdate.php...

CVE-2020-18663

Cross Site Scripting XSS vulnerability in gnuboard5 =v5.3.2.8 via the act parameter in bbs/moveupdate.php...

Cross site scripting

Cross Site Scripting XSS vulnerability in gnuboard5 =v5.3.2.8 via the act parameter in bbs/moveupdate.php...

PT-2021-10202 · Gnuboard5 · Gnuboard5

Name of the Vulnerable Software and Affected Versions: gnuboard5 versions prior to 5.3.2.8 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It can be exploited via the act parameter in the "bbs/move update.php" endpoint. Recommendations: For versions prior to 5.3.2.8...

gnuboard5 跨站脚本漏洞

GNUBOARD5 is a Web forum system based on PHP and MySQL. A cross-site scripting vulnerability exists in GNUBOARD5 5.3.2.8 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the act parameter in bbs/moveupdate.php...

CVE-2011-3611

A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12...

CVE-2018-15678

An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting...

ASUSTOR AS6202T ADM Insecure Direct Object Reference Vulnerability

ADM ASUSTOR Data Manager is the operating system and user interface for ASUSTOR NAS. An insecure direct object reference vulnerability exists in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3. An attacker could use this vulnerability to reference the "downloadsyssettings" action to arbitrarily...

HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow

No description provided by source. $Id: hpnnmsnmpvieweractapp.rb 12098 2011-03-23 15:47:20Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

WWWThreads Cross Site Scripting

www.eVuln.com advisory: XSS vulnerability in WWWThreads php version Summary: http://evuln.com/vulns/155/summary.html Details: http://evuln.com/vulns/155/description.html -----------Summary----------- eVuln ID: EV0155 Software: n/a Vendor: WWWThreads Version: 2006.11.25 Critical Level: low Type:...