14 matches found
EUVD-2018-1975
Malware in sbrugna...
EUVD-2017-15454
Malware in sbrugna...
CVE-2018-1000642
FlightAirMap version =v1.0-beta.21 contains a Cross Site Scripting XSS vulnerability in GET variable used within registration sub menu page that can result in unauthorised actions and access to data, stealing session information. This vulnerability appears to have been fixed in after commit 22b09...
FlightAirMap Cross-Site Scripting Vulnerability
FlightAirMap is a free, open source application developed using PHP for displaying flights on a map. A cross-site scripting vulnerability exists in the GET variable on the Registration sub-menu page in FlightAirMap 1.0-beta.21 and earlier versions. A remote attacker can exploit this vulnerability...
CVE-2018-1000642
FlightAirMap version =v1.0-beta.21 contains a Cross Site Scripting XSS vulnerability in GET variable used within registration sub menu page that can result in unauthorised actions and access to data, stealing session information. This vulnerability appears to have been fixed in after commit 22b09...
CVE-2018-1000642
FlightAirMap version =v1.0-beta.21 contains a Cross Site Scripting XSS vulnerability in GET variable used within registration sub menu page that can result in unauthorised actions and access to data, stealing session information. This vulnerability appears to have been fixed in after commit 22b09...
Cross site scripting
FlightAirMap version =v1.0-beta.21 contains a Cross Site Scripting XSS vulnerability in GET variable used within registration sub menu page that can result in unauthorised actions and access to data, stealing session information. This vulnerability appears to have been fixed in after commit 22b09...
CVE-2018-1000642
FlightAirMap version =v1.0-beta.21 contains a Cross Site Scripting XSS vulnerability in GET variable used within registration sub menu page that can result in unauthorised actions and access to data, stealing session information. This vulnerability appears to have been fixed in after commit 22b09...
CVE-2018-1000642
FlightAirMap affected version:
CVE-2017-6397
An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerability exists due to insufficient filtration of user-supplied data in multiple parameters passed to several -sub-menu.php pages. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
Authorization
An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerability exists due to insufficient filtration of user-supplied data in multiple parameters passed to several -sub-menu.php pages. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
CVE-2017-6397
FlightAirMap v1.0-beta.10 is affected by multiple cross-site scripting (XSS) vulnerabilities due to insufficient filtration of user-supplied data in several *-sub-menu.php pages. The issue allows an attacker to inject arbitrary HTML/JavaScript in the context of the vulnerable website. Connected s...
CVE-2017-6397
An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerability exists due to insufficient filtration of user-supplied data in multiple parameters passed to several -sub-menu.php pages. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
FlightAirMap Multiple Cross-Site Scripting Vulnerabilities
FlightAirMap is an open source project that displays flights in real time on a 2D or 3D map. FlightAirMap suffers from multiple cross-site scripting vulnerabilities. The vulnerabilities arise due to a failure to properly validate user-submitted data. An attacker could use the vulnerabilities to...