13 matches found
CVE-2020-12708
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the catid parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043...
EUVD-2020-7251
Malware in sbrugna...
EUVD-2022-27264
Malicious code in bioql PyPI...
WordPress BuddyForms Plugin <= 2.8.12 is vulnerable to Cross Site Scripting (XSS)
Software BuddyForms Type Plugin Vulnerable versions = 2.8.12 Fixed in 2.8.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47377 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9418faef5fbf Credits SOPROBRO Required privilege Editor...
Cyclos 4.14.7 - (groupId) DOM Based Cross-Site Scripting Vulnerability
Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A Dom-based Cross-sit...
travelglutenfree.co.uk Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1015072 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting travelglutenfree.co.uk...
classifieds.team-bhp.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1004258 Security Researcher logindenied Helped patch 7927 vulnerabilities Received 8 Coordinated Disclosure badges Received 76 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting classifieds.team-bhp.c...
dille-kamille.be XSS vulnerability
Open Bug Bounty ID: OBB-671063 Description| Value ---|--- Affected Website:| dille-kamille.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
phpList 2.10.x - 'email' Cross-Site Scripting
source: https://www.securityfocus.com/bid/47580/info PHPList is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Ceica-GW - 'login.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/40917/info Ceica-GW is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
[SA17458] XMB "username" Cross-Site Scripting Vulnerability
TITLE: XMB "username" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA17458 VERIFY ADVISORY: http://secunia.com/advisories/17458/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: XMB 1.x http://secunia.com/product/1491/ DESCRIPTION: HACKERS PAL has...
FlatNuke 2.5.5 - 'structure.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/14483/info FlatNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to inject html and script code into...
[SECURITY] [DSA 531-1] New php4 packages fix multiple vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 531-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 20th, 2004 http://www.debian.org/security/faq -...