117 matches found
📄 glFusion 1.3.0 Blind SQL Injection
A critical blind SQL injection vulnerability exists in glFusion CMS version 1.3.0, affecting the Media Gallery search functionality. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands and potentially compromise the entire database. This issue is older...
EUVD-2013-1502
Malware in sbrugna...
EUVD-2009-1279
Malware in sbrugna...
EUVD-2009-1280
Malware in sbrugna...
EUVD-2009-0459
Malware in sbrugna...
EUVD-2009-4759
Malware in sbrugna...
EUVD-2021-31733
Malicious code in bioql PyPI...
EUVD-2021-31740
Malicious code in bioql PyPI...
EUVD-2021-31747
Malicious code in bioql PyPI...
EUVD-2021-32561
Malicious code in bioql PyPI...
EUVD-2021-31735
Malicious code in bioql PyPI...
CVE-2021-45843
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting XSS vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response...
CVE-2021-44935
glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /publichtml/comment.php. The attacker can complete the attack remotely without interaction...
CVE-2009-1281
Cross-site scripting XSS vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2021-45843
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting XSS vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response...
CVE-2021-45843
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting XSS vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response...
Cross site scripting
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting XSS vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response...
glFusion CMS 跨站脚本漏洞
glFusion CMS is a content management and publishing system. A cross-site scripting vulnerability exists in glFusion CMS version v1.7.9, which stems from being affected by reflective cross-site scripting XSS. The value of a header request parameter is copied into the value of an HTML markup...
CVE-2021-45843
CVE-2021-45843 affects glFusion CMS v1.7.9. The vulnerability is a reflected Cross Site Scripting (XSS) where the value of the title parameter is copied into an HTML attribute enclosed in double quotes and echoed unmodified in the response. Documented impact indicates potential script injection; ...
PT-2021-24304 · Unknown · Glfusion Cms
Name of the Vulnerable Software and Affected Versions: glFusion CMS version 1.7.9 Description: The issue concerns a reflected Cross Site Scripting XSS vulnerability. Specifically, the value of the title request parameter is copied into an HTML tag attribute encapsulated in double quotation marks...