49 matches found
EUVD-2018-7549
Malware in sbrugna...
EUVD-2018-7553
Malware in sbrugna...
EUVD-2018-7548
Malware in sbrugna...
EUVD-2018-9612
Malware in sbrugna...
EUVD-2018-7554
Malware in sbrugna...
EUVD-2018-7550
Malware in sbrugna...
EUVD-2018-7551
Malware in sbrugna...
EUVD-2018-7547
Malware in sbrugna...
CVE-2018-17870
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of accountchange.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683...
Open redirect
An issue was discovered in BTITeam XBTIT 2.5.4. The "returnto" parameter of accountchange.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683...
BTITeam XBTIT cross-site scripting vulnerability (CNVD-2018-19430)
BTITeam XBTIT is an open source bittorrent tracking system. A cross-site scripting vulnerability exists in BTITeam XBTIT. Attackers can use the 'String.replace' function and 'eval' function to exploit the vulnerability to bypass the includes/crkprotection.php script of the anti-cross-site scripti...
BTITeam XBTIT Cross-Site Scripting Vulnerability (CNVD-2019-28273)
XBTIT is an open source tracking software. A stored cross-site scripting vulnerability exists in newsfeed /index.php?page=viewnews in BTITeam XBTIT 2.5.4. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via the headline of a news item...
CVE-2018-16361
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...
CVE-2018-16361
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter...
CVE-2018-15684
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory /include/logs using predictable file names, which can lead to full path disclosure and leakage of sensitive data...
CVE-2018-15684
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory /include/logs using predictable file names, which can lead to full path disclosure and leakage of sensitive data...
CVE-2018-15678
An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting...
CVE-2018-15682
An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site request forgery protection, it is possible to automate the action of sending private messages to users by luring an authenticated user to a web page that automatically submits a form on their behalf...
CVE-2018-15680
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtitusers table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack...
CVE-2018-15679
An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting...