Exploit for Code Injection in Ispconfig

CVE-2023-46818 exploit This is a python version of the origin...

ISPConfig 3.2.11 PHP Code Injection

------------------------------------------------------------------------ ISPConfig = 3.2.11 languageedit.php PHP Code Injection Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.ispconfig.org - Affected Versions: Version 3.2.11 and...

X (Formerly Twitter): Cross-Domain Leakage of X Username / UserID due to Dynamically Generated JS File

The vulnerability allowed the retrieval of a user's X username and user ID from a dynamically generated JavaScript file hosted on Twitter. An attacker could force a victim to import the file from a malicious website, bypassing the Same-Origin Policy and exposing the user's sensitive information...

[SECURITY] Fedora 25 Update: php-7.0.25-1.fc25

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

My Blog 1.63 BBCode HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16659/info My Blog is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...

MyBloggie 2.1.2/2.1.3 BBCode IMG Tag HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17865/info MyBloggie is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

Simple Machines Forum <= 1.1.7 '[url]' Tag HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33595/info Simple Machines Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML...

Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16002/info Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

DotNetNuke <= 4.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20117/info DotNetNuke is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

IT!CMS 0.2 menu-ed.php wndtitle Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues...

WebCalendar 1.1.6 pref.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...

MonoChat 1.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17983/info MonoChat is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...

Adobe ColdFusion Server <= 8.0.1 wizards/common/_authenticatewizarduser.cfm Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

Phorum 5.0.14 Multiple Subject and Attachment HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12800/info Phorum is reportedly affected by multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated...

Webfroot Shoutbox 2.32 Viewshoutbox.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9289/info Webfroot Shoutbox is prone to a cross-site scripting vulnerability in the 'viewshoutbox.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via UR...

CheesyBlog 1.0 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16376/info CheesyBlog is prone to multiple HTML injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied...

WikiNi 0.4.x Waka.PHP Multiple HTML-Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20688/info WikiNi is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. An attacker may leverage these...

SNewsCMS 2.x - 'search.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28262/info SNewsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execu...

PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12841/info PHPOpenChat is reportedly affected by multiple remote HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically...

phpBB 2.0.21 Privmsg.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22001/info phpBB is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...