CVE-2017-6479

The CVE-2017-6479 entry concerns FenixHosting/fenix-open-source prior to 2017-03-04, which is vulnerable to a reflected XSS in forums/search.php via the search-by-topic parameter. The connected documents confirm the vulnerability class as reflected XSS and name the affected software and vector, b...

Popular PlayStation and Xbox Gaming Forums Hacked; 2.5 Million Users' Data Leaked

Do you own an account on one of the two hugely popular PlayStation and Xbox gaming forums? Your details may have been exposed, as it has been revealed that the two popular video gaming forums, "XBOX360 ISO" and "PSP ISO," has been hacked, exposing email addresses, account passwords and IP address...

Code injection

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

UBUNTU-CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

CVE-2017-2576

Technical details for CVE-2017-2576 are not publicly available in the provided documents; monitor for updates.

CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

forums.nicoclub.com XSS vulnerability

Open Bug Bounty ID: OBB-207234 Description| Value ---|--- Affected Website:| forums.nicoclub.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-17-0001: System file inclusion when adding own preset file in Boost theme MSA-17-0002: Incorrect sanitation of attributes in forums MSA-17-0003: PHPMailer vulnerability in no-reply address MSA-17-0004: XSS in assignment submission page...

Student Faces 10 Years In Prison For Creating And Selling Limitless Keylogger

A 21-year-old former Langley High School student, who won a Programmer of the Year Award in high school, pleaded guilty on Friday to charges of developing and selling custom key-logging malware that infected thousands of victims. Zachary Shames from Virginia pleaded guilty in a federal district...

forums.bowhunting.com Open Redirect vulnerability

Vulnerable URL: http://forums.bowhunting.com/redirect-to/?redirect=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 13:09 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank|...

Hackers Gamifies DDoS Attacks With Collaborative Platform

A Turkish hacking crew is luring participants to join its DDoS platform to compete with peers to earn redeemable points that are exchangeable for hacking tools and click-fraud software. The goal, security researchers say, is to “gamify” DDoS attacks in order to attract a critical mass of hackers...

cozumpark.com XSS vulnerability

Vulnerable URL: https://www.cozumpark.com/forums/482677/ShowThread.aspx?%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 38449 VIP website...

Moodle 1.9.x < 1.9.17 Multiple Vulnerabilities

Binary data 9429.prm...

Two Million Passwords Breached in Ubuntu Hack

Linux users who frequent the Ubuntu forums may want to change their passwords following news that an attacker was able to breach the service and its two million users. Jane Silber, Chief Executive Officer at Canonical,the company that maintains the service, acknowledged on Friday that a known SQL...

forums.pagecloud.com XSS vulnerability

Vulnerable URL: https://forums.pagecloud.com/reset?lang=%27-prompt%28%27OPENBUGBOUNTY%27%29-%27 Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:33 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / N...

Jive Forums Directory Traversal Vulnerability

Jive Forums is a recognized online community. A directory traversal vulnerability exists in Jive Forums version 5.5.25 and earlier. An attacker can exploit ... /... / / jump to access system files outside of the web directory...

forums.mandiant.com XSS vulnerability

Vulnerable URL: https://forums.mandiant.com/community/community-center/tags?tags=%22%3E%3C/option%3E%3C%20/select%3E%3Cbody/onpageshow=prompt%28%29%3E%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability...

Lithium Social CRM Cross Site Scripting

Exploit Title: XSS Cross Site Scripting in Social CRM & Community Solutions powered by Lithium in Knowledge base section Discovery Date: 2016/02/19 Public Disclosure Date: 2016/03/24 Exploit Author: Imran Khan Contact: netizen01k at gmail.com Vendor link: http://www.lithium.com/ Tested on: Firefo...

Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability

Document Title: =============== Oxwall Forum v1.8.1 - Persistent Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1740 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ====================================...