53 matches found
EUVD-2019-7934
Malware in sbrugna...
EUVD-2018-20573
Malware in sbrugna...
EUVD-2019-7935
Malware in sbrugna...
EUVD-2019-7936
Malware in sbrugna...
CVE-2025-25991
CVE-2025-25991 affects HooskCMS v1.7.1. The vulnerability is described as an SQL Injection in the /install/index.php component, enabling a remote attacker to obtain sensitive information. According to the CVSS 3.1 data, the base score is 5.1 (Medium) with a LOCAL attack-vector, LOW complexity, no...
CVE-2023-44043
A reflected cross-site scripting XSS vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website title parameter...
CVE-2023-5221
ForU CMS contains a code injection vulnerability in /install/index.php via manipulation of the db_name argument. The issue allows remote code execution and has been publicly disclosed. Impact is tied to confidentiality, integrity, and availability at HIGH/CRITICAL levels per CVE-2023-5221, with m...
CVE-2023-1685
HadSky up to 7.11.8 contains a command injection vulnerability in the Installation Interface, specifically the /install/index.php file. The vulnerability allows remote exploitation and has been publicly disclosed. Affected software: HadSky versions up to 7.11.8. Root cause: unknown code in the In...
CVE-2021-40923
Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the email parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the email parameter...
CVE-2021-40924
Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the firstname parameter...
CVE-2021-40923
The CVE-2021-40923 entry describes a Cross-site Scripting (XSS) vulnerability in the Bugs open-source defect tracking system, specifically install/index.php for Bugs 1.8 and earlier. The issue arises from the email parameter, allowing remote attackers to inject arbitrary web script or HTML. Conne...
CVE-2021-40922
CVE-2021-40922 is a cross-site scripting (XSS) vulnerability affecting the open source defect-tracking system Bugs/Tinyissue in versions 1.8 and earlier, exploitable via the last_name parameter in install/index.php . The root cause is improper input handling in that endpoint, enabling remote atta...
CVE-2021-40922
Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the lastname parameter...
CVE-2021-37389
CVE-2021-37389 affects Chamilo 1.11.14. The vulnerability is a stored XSS in the installer paths main/install/index.php and main/install/ajax.php via the port parameter. The connected documents consistently describe this CVE as a stored XSS issue in Chamilo LMS and do not provide exploitation det...
CVE-2020-26042
An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php...
CVE-2020-26043
An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...
CVE-2020-26041
An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php...
CVE-2020-26043
An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...
Cross site scripting
An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...