TYPO3 Backend Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF maintained by the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in the TYPO3 backend. Because the program fails to properly encode user input, an attacker would need to use a valid backend user...

CVE-2017-8920

irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS...

MyBB cache handler vulnerability

MyBB is a WEB-based application. The cache handler in MyBB fails to properly check the input encoding of the varexport function, allowing remote attackers to exploit the vulnerability for malicious attacks...

CVE-2015-2352

The cache handler in MyBB aka MyBulletinBoard before 1.8.4 does not properly check the encoding of input to the varexport function, which allows attackers to have an unspecified impact via unknown vectors...

CVE-2015-2352

CVE-2015-2352 affects MyBB (MyBulletinBoard) up to version 1.8.3; the cache handler fails to properly validate input encoding before passing data to var_export, enabling an unspecified impact via unknown vectors. The issue is resolved in MyBB 1.8.4 per vendor advisories. Practical impact and expl...

Microsoft VS Team Foundation Server SignalR XSS Vulnerability (2905244)

This host is missing an important security update according to Microsoft Bulletin MS13-103. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...