3 matches found
PT-2026-46849
Stored XSS via Hostile YouTube Video Title in AVideo YouTubeAPI Gallery Section Summary A stored Cross-Site Scripting vulnerability CWE-79; chained CWE-829, Inclusion of Functionality from Untrusted Control Sphere in the AVideo YouTubeAPI plugin renders the snippet.title field returned by the...
CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin Gallery) Vulnerability
Exploit Title: CSZ CMS 1.3.0 - Stored Cross-Site Scripting Plugin 'Gallery' CVE: CVE-2023-38911 Exploit Author: Daniel González Vendor Homepage: https://www.cszcms.com/ Software Link: https://github.com/cskaza/cszcms Version: 1.3.0 Tested on: CSZ CMS 1.3.0 Description: CSZ CMS 1.3.0 is affected b...
Easy-Clanpage 2.2 SQL Injection
----------------------------Information------------------------------------------------ +Name : Easy-Clanpage 2.2 http://www.easy-clanpage.de /?section=downloads&action=viewdl&id=18 +Demo : http://studio.siouxsie-fashion.at +Price : for free +Language : PHP +Discovered by Easy Laster +Security...