20 matches found
EUVD-2025-29922
Malicious code in bioql PyPI...
CVE-2025-10668
A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file /members/composemsgadmin.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2025-10667
A weakness has been identified in itsourcecode Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /members/composemsg.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-10668
A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file /members/composemsgadmin.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2025-10668
A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file /members/composemsgadmin.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2025-10668
The CVE concerns itsourcecode Online Discussion Forum 1.0, where manipulation of the ID parameter in /members/compose_msg_admin.php enables SQL injection. This is a network-accessible issue with potential remote exploitation, and multiple feeds (nvd, Red Hat, CVE records, and security trackers) c...
CVE-2025-10668 itsourcecode Online Discussion Forum compose_msg_admin.php sql injection
A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file /members/composemsgadmin.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2025-10667 itsourcecode Online Discussion Forum compose_msg.php sql injection
A weakness has been identified in itsourcecode Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /members/composemsg.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-10667
CVE-2025-10667 affects the itsourcecode Online Discussion Forum 1.0. The vulnerability is a SQL injection in the file /members/compose_msg.php caused by manipulation of the ID parameter, enabling remote exploitation. Multiple sources confirm the issue and publicly available exploit code may exist...
CVE-2025-10667 itsourcecode Online Discussion Forum compose_msg.php sql injection
A weakness has been identified in itsourcecode Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /members/composemsg.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
itsourcecode Online Discussion Forum SQL注入漏洞
itsourcecode Online Discussion Forum is an online forum of itsourcecode open source. A SQL injection vulnerability exists in itsourcecode Online Discussion Forum version 1.0, which stems from incorrect manipulation of the parameter ID in the file /members/composemsgadmin.php, which could lead to ...
PT-2025-38322
Name of the Vulnerable Software and Affected Versions itsourcecode Online Discussion Forum version 1.0 Description A SQL injection weakness exists in the file /members/compose msg.php due to the manipulation of the ID argument. This issue is exploitable remotely. The exploit has been made publicl...
itsourcecode Online Discussion Forum SQL注入漏洞
itsourcecode Online Discussion Forum is an online forum of itsourcecode open source. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Discussion Forum, which stems from incorrect manipulation of the parameter ID in the file /members/composemsg.php, which could lead to a...
CVE-2017-20106
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
Server side request forgery (ssrf)
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106 Lithium Forum Compose Message server-side request forgery
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106
The CVE-2017-20106 entry concerns Lithium Forum 2017 Q1. A server-side request forgery (SSRF) vulnerability arises from manipulating the upload_url argument in the Compose Message Handler component. The attack requires local access, and public exploits have been disclosed. Documented impact indic...
Lithium Forum - (Compose Message) SSRF Vulnerability
Document Title: =============== Lithium Forum - Compose Message SSRF Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2030 Release Date: ============= 2017-02-20 Vulnerability Laboratory ID VL-ID: ==================================== 2030...
Multiple browsers DoS
Mail program compose message window is created for avery frame with mailto:, news:, nntp:, etc URI...
CVE-2004-1498
CVE-2004-1498 describes a SQL injection in the compose message form of HELM up to version 3.1.19, exploitable via the messageToUserAccNum parameter. The issue allows remote attackers to run arbitrary SQL commands. Affected: HELM 3.1.19 and earlier (HELM frontend/compose logic). Root cause: unsafe...