Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-17248

Malware in sbrugna...

6.1CVSS6.2AI score0.02069EPSS
Exploits5References3
CNVD
CNVD
added 2018/01/18 12:0 a.m.3 views

FoxSash ImgHosting Search Engine Cross-Site Scripting Vulnerability

FoxSash ImgHosting is a set of scripts for online image hosting. search engine is one of the search engines. A cross-site scripting vulnerability exists in the search engine in FoxSash ImgHosting version 1.5. A remote attacker can exploit this vulnerability by sending the 'search' parameter to th...

6.1CVSS6.4AI score0.02069EPSS
Exploits5References1
NVD
NVD
added 2018/01/15 4:29 p.m.30 views

CVE-2018-5479

FoxSash ImgHosting 1.5 according to footer information is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admins. By...

6.1CVSS6.2AI score0.02069EPSS
Exploits5References1
OSV
OSV
added 2018/01/15 4:29 p.m.4 views

CVE-2018-5479

FoxSash ImgHosting 1.5 according to footer information is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admins. By...

6.1CVSS5.8AI score0.02069EPSS
Exploits5References1
Cvelist
Cvelist
added 2018/01/15 4:0 p.m.30 views

CVE-2018-5479

FoxSash ImgHosting 1.5 according to footer information is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admins. By...

6.2AI score0.02069EPSS
Exploits5References1
CVE
CVE
added 2018/01/15 4:0 p.m.54 views

CVE-2018-5479

FoxSash ImgHosting 1.5 (search engine) is vulnerable to cross-site scripting via the search parameter in the default URI. The CVE notes an XSS impact that can lead to session theft of users and admins when a crafted URL is visited. Several connected sources (CNVD/CNVD-2018-04325, NVD entry, and e...

6.1CVSS6.1AI score0.02069EPSS
Exploits5References1Affected Software1
Rows per page
Query Builder