Lucene search
K

4 matches found

CVE
CVE
added 2014/11/21 3:0 p.m.43 views

CVE-2014-8469

CVE-2014-8469 is a stored XSS in PHPFox (Moxi9) before 4 Beta, exploitable via the User-Agent header in AdminCP’s Guests/Boots. The issue arises from manipulating the user_agent field, enabling remote script/html injection. Public records show an exploit exists (PHPFox XSS AdminCP) and the vendor...

4.3CVSS5.8AI score0.03217EPSS
Exploits3References5Affected Software1
Cvelist
Cvelist
added 2014/11/21 3:0 p.m.28 views

CVE-2014-8469

Cross-site scripting XSS vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header...

5.7AI score0.03217EPSS
Exploits3References5
Exploit DB
Exploit DB
added 2014/11/17 12:0 a.m.30 views

PHPFox - Persistent Cross-Site Scripting

Exploit Title: PHPFox XSS AdminCP Date: 2014-10-22 Exploit Author: Wesley Henrique Leite aka "spyk2r" Vendor Homepage: http://www.moxi9.com Version: All version CVE : CVE-2014-8469 Response Vendor: fixed 2014-10-23 to v4 Beta + DESCRIPTION The system stores all urls accessed in a database table,...

4.3CVSS7AI score0.03217EPSS
Exploits3
exploitpack
exploitpack
added 2014/11/17 12:0 a.m.27 views

PHPFox - Persistent Cross-Site Scripting

PHPFox - Persistent Cross-Site Scripting Exploit Title: PHPFox XSS AdminCP Date: 2014-10-22 Exploit Author: Wesley Henrique Leite aka "spyk2r" Vendor Homepage: http://www.moxi9.com Version: All version CVE : CVE-2014-8469 Response Vendor: fixed 2014-10-23 to v4 Beta + DESCRIPTION The system store...

4.3CVSS6.3AI score0.03217EPSS
Exploits3
Rows per page
Query Builder