CVE-2017-20187 Magnesium-PHP Base.php formatEmailString injection

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Magnesium-PHP up to 0.3.0. It has been classified as problematic. Affected is the function formatEmailString of the file src/Magnesium/Message/Base.php. The manipulation of the argument email/name leads to injection. Upgrading to version 0.3....

CVE-2017-20187 Magnesium-PHP Base.php formatEmailString injection

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Magnesium-PHP up to 0.3.0. It has been classified as problematic. Affected is the function formatEmailString of the file src/Magnesium/Message/Base.php. The manipulation of the argument email/name leads to injection. Upgrading to version 0.3....

CVE-2021-38352

The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedifymsg parameter found in the /includes/base.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.8...

Cross site scripting

The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedifymsg parameter found in the /includes/base.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.8...

Hive 2.0 RC2 XSS / Code Execution / SQL Injection

| Title : Hive v2.0 RC2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : "Powered by DigitalHive" | Tested on: windows 8.1 Français V.Pro | Bug : Stop Script | Download : http:///www.digitalhive.com ======================================= Stop SCript working :...

DigitalHive <= 2.0 RC2 (user_id) Remote SQL Injection Exploit

No description provided by source. !-- Hive v2.0 RC2 Remote SQL Injection c0ded by j0j0 -- html head style type=text/css body margin:3%; font-size:10px; color:FFFFFF; font-family:Verdana,Arial; background-color:1a1a1a; text-align: center; input background:303030; color:FFFFFF;...

230CMS Remote Code Execution Exploit

Exploit for php platform in category web applications '; $defaulttime = isset$POST'defaulttime' ? $POST'defaulttime' : 'UTC'; $dbhost = isset$POST'dbhost' ? $POST'dbhost' : 'localhost'; $dbname = isset$POST'dbname' ? $POST'dbname' : ''; $dbuser = isset$POST'dbuser' ? $POST'db...

CVE-2012-1209

CVE-2012-1209 describes a cross-site scripting (XSS) vulnerability in Fork CMS. The issue is in the backend/core/engine/base.php file for Fork CMS versions around 3.2.4 and possibly earlier than 3.2.5, where an attacker could inject arbitrary web script or HTML via the highlight parameter. The vu...

CVE-2008-1985

Cross-site scripting XSS vulnerability in base.php in DigitalHive 2.0 RC2 allows remote attackers to inject arbitrary web script or HTML via the mt parameter, possibly related to membres.php...

Unfixed XSS vulnerability at www.moleiro.com

Security researcher WHK, has submitted on 05/11/2007 a cross-site-scripting XSS vulnerability affecting www.moleiro.com, which at the time of submission ranked 494679 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/2007. It is currently...

PixelMotionV2.1.1.txt

!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...

openbb108rfi.txt

+-------------------------------------------------------------------- + + Open Bulletin Board 1.0.8 ; Multiple Remote File Include Vulnerabilities + +------------------------------------------------------------------- + + Affected Software .: Software + Version .............: Open Bulletin Board...

CVE-2005-0883

CVE-2005-0883 describes two reflected XSS vulnerabilities in DigitalHive 2.0's base.php: (1) mt parameter to membres.php and (2) -afs-1- query string to msg.php. Attackers can inject arbitrary web script/HTML via these inputs. The provided documents do not specify a patch or workaround within thi...

CVE-2005-0883

Multiple cross-site scripting XSS vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the mt parameter to the membres.php page or 2 the -afs-1- query string to the msg.php page...