3 matches found
CVE-2021-44154
An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/editopt, which will then be triggered when running the diagnostics via /goform/diagnosticsdoit, resulting in a buffer overflow...
MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting
Exploit Title: MyBB Threads to Link Plugin v1.3 - Persistent XSS Date: 3/15/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=1065 Version: v1.3 Tested on: Ubuntu 17.10 CVE: CVE-2018-10365 1. Description...
Users with only View Space permission are able to edit Space Questions
h2. Problem Summary Users are able to edit any Space Questions as long as they have View permissions for that space. This includes questions asked by other users. Users do not need to have Space Admin or even Add/Edit Page permissions to the space, only View is required. This is inconsistent when...