2 matches found
PT-2026-2359
Name of the Vulnerable Software and Affected Versions YouPHPTube versions prior to 7.9 Description The software contains a cross-site scripting issue that allows attackers to inject malicious scripts. This is achieved by manipulating the redirectUri parameter within the signup page. Successful...
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted 1 site signup or 2 user signup...