57 matches found
CVE-2022-26173
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...
EUVD-2019-17089
Malware in sbrugna...
EUVD-2012-5261
Malware in sbrugna...
EUVD-2012-5260
Malware in sbrugna...
EUVD-2013-6992
Malware in sbrugna...
EUVD-2022-30739
Malicious code in bioql PyPI...
This Week in Spring (AI) - May 27th, 2025
Hi, Spring fans! Welcome to another installment of This Week in Spring! This time, I'm talking to you after an insane week behind me. Last week I flew from San Francisco to Stockholm, Sweden where I was the speaker for the JForum event, a monthly meetup. Spring drew the largest audience to JForum...
CVE-2012-5338
Open redirect vulnerability in JForum 2.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnPath parameter in a validateLogin action to jforum.page...
CVE-2012-5337
Multiple cross-site scripting XSS vulnerabilities in jforum.page in JForum 2.1.9 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 matchtype, 3 sortby, or 4 start parameters...
A Bootiful Podcast: This Week in Spring (AI) - May 20th, 2025
Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I'm in sunny Stockholm, Sweden for the JForum 123 installment. This is, apparently, the first time the meetup is completely full up since before the pandemic, with more than 150 people in attendance! Tak,...
This Week in Spring - May 13th, 2025
Hi, Spring fans! As I write this, I'm at the amazing Code Remix event in Miami well, technically Tampa, Florida. I'll also be speaking at the Tampa JUG while I'm there, so look out! After that, I'll be headed back to Europe—a wee bit further north this time—to Stockholm for the amazing JForum...
CVE-2022-26173
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...
CVE-2022-26173
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...
CVE-2022-26173
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...
Cross site request forgery (csrf)
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...
CVE-2022-26173
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery CSRF via http://targethost:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts...
CVE-2022-26173
CVE-2022-26173 affects JForum v2.8.0, where a Cross-Site Request Forgery vulnerability on /jforum.page allows attackers to arbitrarily add admin accounts. The provided sources confirm the impact but do not specify a patch version or remediation steps. Exploitation details beyond the CSRF descript...
JForum 跨站请求伪造漏洞
JForum is Jforum team of a set of Java language development , Web-based open source forum system . JForum v2.8.0 version of a security vulnerability , the vulnerability stems from /jforum.page found to exist cross-site request forgery vulnerability . Attackers use this vulnerability to arbitraril...
JForum 跨站脚本漏洞
JForum is a web-based open source forum system developed by Jforum team using Java language. A cross-site scripting vulnerability exists in JForum, which stems from the failure of the product's ViewCommon.java file to properly handle user input data. An attacker can use this vulnerability to...
jforum 2.7.0 Cross Site Scripting
hi, I found a vulnerability in the jforum 2.7.0. It is a storage cross site script vulnerability. The place is the user's profile - signature. The technique of the vulnerability is the same as that described in this article "STORED CROSS SITE SCRIPTING IN BBCODE"...