CVE-2015-10006

A vulnerability, which was classified as problematic, has been found in admont28 Ingnovarq. Affected by this issue is some unknown functionality of the file app/controller/insertarSliderAjax.php. The manipulation of the argument imagetitle leads to cross site scripting. The attack may be launched...

Ingnovarq 跨站脚本漏洞

Ingnovarq is a repository containing the source code of Ingnovarq by the individual developer Andrés David Montoya Aguirre. A cross-site scripting vulnerability exists in Ingnovarq, which stems from misuse of the parameter imagetitle leading to cross-site scripting...

PT-2023-10185 · Unknown · Admont28 Ingnovarq

Name of the Vulnerable Software and Affected Versions: admont28 Ingnovarq affected versions not specified Description: A problematic issue has been found in admont28 Ingnovarq, affecting some unknown functionality of the file app/controller/insertarSliderAjax.php. The manipulation of the imagetit...

CVE-2020-14962

The CVE-2020-14962 issue affects the WordPress Final Tiles Gallery/FTG Lite plugin (versions before 3.4.19). The underlying vulnerability is Cross-Site Scripting (XSS) in the image handling: attacker-supplied input in the image Title (imageTitle) or Description (caption) fields passed to wp-admin...

WordPress Vertical Image Slider 1.0 CSRF / XSS

漏洞影响：Vertical Image Slider 1.0 https://wordpress.org/plugins/wp-vertical-image-slider/漏洞说明：Vertical Image Slider 1.0 对imagetitle和imageurl 变量没有进行过滤导致存在CSRF和XSS漏洞。问题代码：...

LEMON-S PHP Twit BBS Cross-Site Scripting Vulnerability

LEMON-S PHP Twit BBS is a PHP-based electronic bulletin board BBS forum. A cross-site scripting vulnerability exists in the index.php script in LEMON-S PHP Twit BBS. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'imagetitle' parameter...

CVE-2015-2989

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

CVE-2015-2989

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

CVE-2015-2989

CVE-2015-2989 (LEMON-S PHP Twit BBS) is a cross-site scripting (XSS) vulnerability in the index.php script caused by unsafely processing the imagetitle parameter. The affected software is the Twit BBS PHP-based bulletin board. Impact as stated: remote attackers can inject arbitrary web script or ...

Twit BBS vulnerable to cross-site scripting

Overview Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of imagetitle parameter in index.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

JVN#77193915: Twit BBS vulnerable to cross-site scripting

Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of imagetitle parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Twit BBS Twit BBS is no longer being developed or...