3 matches found
CVE-2025-34318 IPFire < v2.29 Stored XSS via DNS Creation (proxy.cgi)
IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME, UPSTREAMUSER, UPSTREAMPASSWORD, ADMINMAILADDRESS, and ADMINPASSWORD parameters when adding a new...
Human Resource PMS 1.4 Database Disclosure
==================================================================================================================================== | Title : Human Resource PMS v1.4 Database Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
NavBoard 2.6.0 - Remote Code Execution
"; print ""; print ""; print "Main forum settings"; print ""; print "Board Title"; print ""; print ""; print ""; print "Admin email address blank will not display"; print ""; print "input ty...