Exploit for Code Injection in Ispconfig

CVE-2023-46818 exploit This is a python version of the origin...

ISPConfig 3.2.11 PHP Code Injection

------------------------------------------------------------------------ ISPConfig = 3.2.11 languageedit.php PHP Code Injection Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.ispconfig.org - Affected Versions: Version 3.2.11 and...

X (Formerly Twitter): Cross-Domain Leakage of X Username / UserID due to Dynamically Generated JS File

The vulnerability allowed the retrieval of a user's X username and user ID from a dynamically generated JavaScript file hosted on Twitter. An attacker could force a victim to import the file from a malicious website, bypassing the Same-Origin Policy and exposing the user's sensitive information...

[SECURITY] Fedora 25 Update: php-7.0.25-1.fc25

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

Blue Coat Reporter 7.0/7.1 License HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13725/info Blue Coat Reporter is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

Webfroot Shoutbox 2.32 Viewshoutbox.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9289/info Webfroot Shoutbox is prone to a cross-site scripting vulnerability in the 'viewshoutbox.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via UR...

Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9768/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to insufficient sanitization of input supplied via the 'c', 'f', , 'showuser', and 'username' URI parameters...

ETicket 1.5.5 Open.PHP Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/24681/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverag...

phpBB 2.0.21 Privmsg.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22001/info phpBB is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...

Ruby on Rails 1.2.3 To_JSON - Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24161/info Ruby on Rails is prone to a script-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied script code...

Manic Web MWGuest 2.1 MWguest.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17630/info MWGuest is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script cod...

ScrewTurn Software ScrewTurn Wiki 2.0.x 'System Log' Page HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...

PECL Alternative PHP Cache Local 3 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32934/info PECL Alternative PHP Cache is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied...

WebCT Discussion Board 4.1 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13101/info WebCT is reportedly affected by an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in dynamically generated content...

WebCalendar 1.1.6 pref.php Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/27461/info WebCalendar is prone to multiple HTML-injection and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content...

Mensajeitor 1.8.9 IP Parameter HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

GWExtranet 3.0 Scp.DLL Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/26582/info GWExtranet is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. Attacker-supplied...

My Blog 1.63 BBCode HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16659/info My Blog is prone to an HTML-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...

Elite Forum 1.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15257/info Elite Forum is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...

WikiNi 0.4.x Waka.PHP Multiple HTML-Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20688/info WikiNi is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. An attacker may leverage these...