23 matches found
EUVD-2015-3072
Malware in sbrugna...
EUVD-2015-3053
Malware in sbrugna...
EUVD-2015-3052
Malware in sbrugna...
JVN#05493467: Simple keitai chat vulnerable to cross-site scripting
Simple keitai chat provided by LEMON-S PHP contains reflected and stored cross-site scripting vulnerabilities CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Simple keitai chat Simple keitai chat is no longer being developed or maintained. It is...
LEMON-S PHP Twit BBS Cross-Site Scripting Vulnerability
LEMON-S PHP Twit BBS is a PHP-based electronic bulletin board BBS forum. A cross-site scripting vulnerability exists in the index.php script in LEMON-S PHP Twit BBS. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'imagetitle' parameter...
CVE-2015-2989
Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...
CVE-2015-2989
Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...
CVE-2015-2989
CVE-2015-2989 (LEMON-S PHP Twit BBS) is a cross-site scripting (XSS) vulnerability in the index.php script caused by unsafely processing the imagetitle parameter. The affected software is the Twit BBS PHP-based bulletin board. Impact as stated: remote attackers can inject arbitrary web script or ...
JVN#77193915: Twit BBS vulnerable to cross-site scripting
Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of imagetitle parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Twit BBS Twit BBS is no longer being developed or...
LEMON-S PHP Gazou BBS plus Arbitrary File Upload Vulnerability
LEMON-S PHP Gazou BBS plus is a free PHP-based electronic bulletin board system BBS. A security vulnerability exists in LEMON-S PHP Gazou BBS plus 2.35 and earlier versions. The vulnerability can be exploited by remote attackers to upload arbitrary HTML documents using specially crafted image fil...
LEMON-S PHP Gazou BBS plus Input Validation Vulnerability
LEMON-S PHP Gazou BBS plus is a free PHP-based BBS system. A security vulnerability exists in LEMON-S PHP Gazou BBS plus, which allows remote attackers to exploit the vulnerability to upload arbitrary HTML files...
CVE-2015-2974
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
CVE-2015-2974
Gazou BBS plus (LEMON-S PHP) prior to version 2.36 is affected by a vulnerability in file upload processing that allows remote attackers to upload arbitrary HTML documents via specially crafted image files. Exploitation details are consistent across multiple sources (CNVD/NVD/JVN). The impact is ...
JVN#86680970: Gazou BBS plus vulnerability in file upload processing
Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Impact An image file may be specially crafted to upload arbitrary HTML files. Solution Apply an Update Apply the update according to the information provided by the provider. Products Affected Gazou...
LEMON-S PHP Simple Oekaki BBS Arbitrary File Deletion Vulnerability
LEMON-S PHP Simple Oekaki BBS is a PHP-based electronic bulletin board BBS script. A security vulnerability exists in the index.php script of LEMON-S PHP Simple Oekaki BBS versions prior to 1.21. A remote attacker can exploit the vulnerability to delete arbitrary files with the help of the...
LEMON-S PHP Simple Oekaki BBS Cross-Site Scripting Vulnerability
LEMON-S PHP Simple Oekaki BBS is a PHP-based electronic bulletin board BBS script. A cross-site scripting vulnerability exists in the index.php script in LEMON-S PHP Simple Oekaki BBS versions prior to 1.21. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
CVE-2015-2969
Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to inject arbitrary web script or HTML via the oekakis parameter...
CVE-2015-2970
The vulnerability CVE-2015-2970 affects the LEMON-S PHP Simple Oekaki BBS, specifically versions prior to 1.21. A flaw in index.php allows remote attackers to delete arbitrary files by manipulating the oekakis parameter, due to improper parsing. This is a server-side file deletion issue that coul...
CVE-2015-2969
CVE-2015-2969 corresponds to a persistent XSS in LEMON-S PHP Simple Oekaki BBS before version 1.21. The vulnerability is triggered in index.php through the oekakis parameter, allowing remote attackers to inject arbitrary scripts/HTML. Affected software: Simple Oekaki BBS ≤ v1.20 (prior to 1.21). ...