CVE-2025-14136

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2RepeatergetwiredclientlistsetClientsName of the file modform.so. The manipulation of the argume...

TYPO3 9.0.0 < 9.5.48 ELTS / 10.0.0 < 10.4.45 ELTS / 11.0.0 < 11.5.37 / 12.0.0 < 12.4.15 / 13.0.0 < 13.1.1 XSS (TYPO3-CORE-SA-2024-008)

The version of TYPO3 installed on the remote host is prior to 9.0.0 9.5.48 ELTS / 10.0.0 10.4.45 ELTS / 11.0.0 11.5.37 / 12.0.0 12.4.15 / 13.0.0 13.1.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2024-008 advisory. - TYPO3 is an enterprise content management...

Remote Code Execution

tribalsystems/zenario is vulnerable to remote code execution. It is possible for a remote attacker to upload and execute malicious code on the system via the vulnerable handlePluginAJAX function in modulecode.php which resides inside User Form module, when the file upload is enabled...

DRUPAL-CONTRIB-2020-029

The Modal form module is a toolset for quick start of using forms in modal windows. Any form is available for view and submit when the modalform module is installed. The only requirement is to know the form's fully-qualified class name...

Unspecified Vulnerability in Drupal Filemaker Form Module

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. An unspecified vulnerability exists in the Drupal Filemaker Form module, for which a detailed vulnerability description is not currently available...

CVE-2015-5507

The issue is a Cross-Site Scripting (XSS) vulnerability in the Drupal contributed module Inline Entity Form (7.x-1.x) prior to 7.x-1.6. The module does not sufficiently sanitize user-supplied text, allowing remote authenticated users with permission to create or edit fields to inject arbitrary sc...

THC-Hydra 8.1 - Network Logon Cracker

A very fast network logon cracker which support many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa.Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Magnolia Form module 1.x before 1.4.7 and 2.x before 2.0.2 for Magnolia CMS allow remote attackers to inject arbitrary web script or HTML via the 1 username, 2 fullname, or 3 email parameter to...

CVE-2013-4759

The CVE-2013-4759 entry describes Cross-Site Scripting (XSS) in Magnolia CMS, specifically in the Magnolia Form module. Affected are Magnolia Form module versions 1.x before 1.4.7 and 2.x before 2.0.2, where insufficient sanitisation of user-supplied data in the username, fullname, and email para...

CVE-2013-4759

Multiple cross-site scripting XSS vulnerabilities in the Magnolia Form module 1.x before 1.4.7 and 2.x before 2.0.2 for Magnolia CMS allow remote attackers to inject arbitrary web script or HTML via the 1 username, 2 fullname, or 3 email parameter to...

Magnolia CMS 5.0.1 Community Edition Cross Site Scripting

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

DEBIAN-CVE-2007-0667

The redirect function in Form.pm for 1 LedgerSMB before 1.1.5 and 2 SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872...

UBUNTU-CVE-2007-0667

The redirect function in Form.pm for 1 LedgerSMB before 1.1.5 and 2 SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872...