8 matches found
CVE-2025-13185
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-13185
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...
CVE-2025-13185
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...
EUVD-2025-197658
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...
Bdtask News365 ไปฃ็ ้ฎ้ขๆผๆด
Bdtask News365 is a web magazine software from Bdtask Bangladesh. A code issue vulnerability exists in Bdtask News365 7.0.3 and earlier versions, which stems from incorrect manipulation of the parameters profileimage/bannerimage in the file /admin/dashboard/profile, which may result in unlimited...
CVE-2025-61997 OPEXUS FOIAXpress stored XSS via banner image
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the...
CVE-2022-3992 SourceCodester Sanitization Management System Banner Image cross site scripting
A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=systeminfo of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can...
MyBB Timeline Plugin 1.0 - Persistent Cross-Site Scripting
Exploit Title: MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF Date: 1/21/2021 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1428 Version: 1.0 Tested on: Windows 10 1. Description: MyBB Timeline replaces the default MyBB user profile. This introduces...