Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2023/10/20 12:0 a.m.5 views

PT-2023-26327 · Unknown · Superwebmailer

Name of the Vulnerable Software and Affected Versions: SuperWebMailer version 9.00.0.01710 Description: An issue was discovered in SuperWebMailer that allows spamtest external.php XSS via a crafted filename. The issue is related to the filename variable, which can be exploited to execute XSS...

6.1CVSS6AI score0.00482EPSS
Exploits1References5
Veracode
Veracode
added 2023/05/17 8:32 a.m.52 views

SQL Injection

moodle/moodle is vulnerable to SQL Injection attacks. The vulnerability exists in getsubwikipages function of external.php due to lack of sanitization of user inputs which allows an attacker to inject and execute arbitrary sql queries...

7.3CVSS8.2AI score0.01142EPSS
Exploits0References12Affected Software1
Veracode
Veracode
added 2022/09/30 8:24 a.m.21 views

Information Disclosure

moodle/moodle is vulnerable to information disclosure. The vulnerability exists through the attempts parameter inexternal.php due to improper access control which allows an authenticated attacker to gain access to confidential information in the file system via insufficient capability checks...

4.3CVSS4AI score0.00853EPSS
Exploits0References6Affected Software1
Openbugbounty
Openbugbounty
added 2017/08/22 10:33 a.m.9 views

my.ryte.com Open Redirect vulnerability

Vulnerable URL: https://my.ryte.com/utils/goto-external.php?https%3A%2F%2Fwww.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 20.11.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VI...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/01/21 1:58 a.m.7 views

thecovernippon.jp Open Redirect vulnerability

Vulnerable URL: http://www.thecovernippon.jp/external.php?exurl=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 3517486 Google Pagerank| 0 VIP...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/20 12:0 a.m.112 views

Moodle 'external.php' 'badge' Parameter XSS

The version of Moodle installed on the remote host fails to properly sanitize user-supplied input to the 'badge' parameter of the 'external.php' script. The application also fails to properly sanitize serialized objects. An attacker can exploit these issues by crafting a URL containing a serializ...

7.5CVSS5.8AI score0.02098EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2013/09/16 1:2 p.m.43 views

CVE-2013-5674

badges/external.php in Moodle 2.5.x before 2.5.2 does not properly handle an object obtained by unserializing a description of an external badge, which allows remote attackers to conduct PHP object injection attacks via unspecified vectors, as demonstrated by overwriting the value of the userid...

7.5CVSS5.9AI score0.02098EPSS
Exploits2References3
seebug.org
seebug.org
added 2008/03/19 12:0 a.m.64 views

phpBP id参数远程SQL注入漏洞

BUGTRAQ ID: 28272 PHPBP是在波兰广泛使用的网站内容管理系统。 PHPBP的includes/functions/banners-external.php脚本文件中没有正确地验证对id参数的输入,允许远程攻击者通过提交特制的SQL查询请求执行SQL注入攻击。 以下是有漏洞的代码段: ... 3 function bannerout //zlicza ilosc klikniec na banner 4 5 global $conf; 6 7 if$GET'id' 8 9 SQLvalidate$POST'id'; 10 11 $db = new dbquery; 12...

7AI score
Exploits0
Rows per page
Query Builder