MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting

paintballrefjosh/MaNGOSWebV4 4.0.8 contains a reflected XSS caused by unsanitized input in install/index.php step parameter, letting attackers execute arbitrary scripts in the victim's browser, exploit requires victim to visit a maliciously crafted URL id: CVE-2017-6478 info: name: MaNGOSWebV4...

EUVD-2018-2642

Malware in sbrugna...

EUVD-2020-18673

Malware in sbrugna...

EUVD-2021-28079

Malicious code in bioql PyPI...

pixelimity 注入漏洞

pixelimity is pixelimity open source a content management system . pixelimity 1.0 version of an injection vulnerability , the vulnerability stems from the file /install/index.php parameter sitedescription in the wrong operation leads to SQL injection...

CVE-2023-1685

A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has be...

CVE-2020-26041

An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php...

CVE-2020-26043

An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...

Hoosk 安全漏洞

Hoosk is a lightweight content management system by the individual developers of Havok. A security vulnerability exists in Hoosk version 1.7.1, which stems from the presence of a SQL injection vulnerability that allows remote attackers to obtain sensitive information via the /install/index.php...

Hoosk 安全漏洞

Hoosk is a lightweight content management system from the individual developers at Havok. A security vulnerability exists in Hoosk version 1.7.1, which stems from a cross-site scripting vulnerability that allows remote attackers to obtain sensitive information via the /install/index.php component...

PT-2023-29080 · Unknown · Blackcat Cms

Name of the Vulnerable Software and Affected Versions: Black Cat CMS version 1.4.1 Description: A cross-site scripting XSS vulnerability exists in Black Cat CMS, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload. This issue is present in two locations: the...

CVE-2023-41601

Multiple cross-site scripting XSS vulnerabilities in install/index.php of CSZ CMS v1.3.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Database Username or Database Host parameters...

CSZ CMS Cross-Site Scripting Vulnerability

CSZ CMS is a PHP-based open source content management system CMS. A security vulnerability exists in CSZ CMS v1.3.0, which stems from multiple cross-site scripting XSS vulnerabilities in install/index.php that allow attackers to execute arbitrary web script or HTML with a crafted payload via the...

PT-2023-27994 · Csz Cms · Csz Cms

Name of the Vulnerable Software and Affected Versions: CSZ CMS version 1.3.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Database Username or Database Host parameters in the install/index.php file. This enables the...

bugs 跨站脚本漏洞

Bugs is a branch of the open-source Tinyissue defect tracking system by Alexandre Plennevaux, a personal developer in Belgium. bugs 1.8 and earlier versions of install/index.php are vulnerable to cross-site scripting, which can be exploited by remote attackers to inject arbitrary Web script or HT...

bugs 跨站脚本漏洞

Bugs is a branch of the open source Tinyissue defect tracking system by Alexandre Plennevaux, a personal developer in Belgium. bugs 1.8 and earlier versions of install/index.php are vulnerable to cross-site scripting, which can be exploited by remote attackers to inject arbitrary Web script or HT...

CVE-2020-18470

Stored cross-site scripting XSS vulnerability in the Name of application field found in the General Configuration page in Rukovoditel 2.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to...

Chamilo LMS 跨站脚本漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question and answer sessions. Chamilo LMS suffers from a cross-site scripting vulnerability that allows a...

CVE-2019-17608

HongCMS 3.0.0 has XSS via the install/index.php dbname parameter...

CVE-2019-17607

HongCMS 3.0.0 has XSS via the install/index.php servername parameter...