Chaturbate: Unrestricted POST request size on /customer_support/information_form/ endpoint

The hacker found that a form on the billing site had a high post size limit that could cause increased load. This was lowered to a reasonable amount. This had no effect on any stored data...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter in a process action to admin/login.php; 2 pageTitle, 3 currentproductid, or 4 cPath parameter to...