PT-2026-37310

Name of the Vulnerable Software and Affected Versions YetAnotherForum.NET YAF.NET versions prior to 4.0.5 YetAnotherForum.NET YAF.NET versions prior to 3.2.12 Description The thread posting and reply feature allows user-supplied content to be stored server-side and rendered on the thread page...

CVE-2019-25642

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the threadid parameter of forum-thread.php, the subject parameter of...

CVE-2019-25642

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the threadid parameter of forum-thread.php, the subject parameter of...

CVE-2019-25642 Bootstrapy CMS Lastest Multiple SQL Injection via Forum and Contact Modules

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the threadid parameter of forum-thread.php, the subject parameter of...

PT-2026-27376

Name of the Vulnerable Software and Affected Versions Bootstrapy CMS affected versions not specified Description Multiple SQL injection flaws allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. This can lead to the extraction of...

Bootstrapy CMS SQL注入漏洞

Bootstrapy CMS is an open-source content management system developed by Bootstrapy. Bootstrapy CMS has a SQL injection vulnerability. This vulnerability arises from multiple SQL injections, allowing unauthenticated attackers to inject malicious code through the threadid parameter in...

EUVD-2006-5698

Malware in sbrugna...

anleihencheck.de XSS vulnerability

Open Bug Bounty ID: OBB-446333 Description| Value ---|--- Affected Website:| anleihencheck.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

MojoPortal 2.3.9.7 Cross Site Scripting

Class Stored Cross-Site Scripting Remote Yes Credit Michael Savage of Dionach [email protected] Vulnerable MojoPortal 2.3.9.7 MojoPortal is prone to a stored cross-site scripting vulnerability because it does not escape the titles of forum threads when inserting into the page title element. An...

CVE-2006-5713

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 author, 2 content, or 3 title parameters when posting a forum thread. NOTE: the provenance of this information is unknown; the details are obtain...

CVE-2006-5713

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the 1 author, 2 content, or 3 title parameters when posting a forum thread. NOTE: the provenance of this information is unknown; the details are obtain...