26 matches found
EUVD-2015-5452
Malware in sbrugna...
EUVD-2020-13136
Malware in sbrugna...
EUVD-2007-2368
Malware in sbrugna...
CVE-2020-20349
WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link address field under the background links module...
CVE-2024-36684
In the module "Custom links" pkcustomlinks = 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
PT-2024-40345 · Unknown · Contextual Links
Name of the Vulnerable Software and Affected Versions: Contextual Links module affected versions not specified Description: The issue arises from insufficient validation of requested contextual links by the Contextual Links module. However, the risk is mitigated because an attacker would need to...
SUSE CVE-2003-0279
Multiple SQL injection vulnerabilities in the WebLinks module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using 1 the viewlink function and cid parameter, or 2 index.php...
CVE-2020-20349
WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link address field under the background links module...
CVE-2020-20349
WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link address field under the background links module...
Cross site scripting
WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link address field under the background links module...
CVE-2020-20349
WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link address field under the background links module...
CVE-2020-20349
CVE-2020-20349 affects WTCMS 1.0 and describes a stored cross-site scripting (XSS) vulnerability in the link address field of the background links module. The issue is documented across multiple sources (NVD, Red Hat, CNVD, CVE records) as a stored XSS in that field; no exploit details or affecte...
Critical RCE Bugs Patched in Drupal 7 and 8
Drupal is urging users to upgrade to the latest release that fixes two critical remote code execution bugs impacting Drupal 7 and Drupal 8. Developers have also identified three additional “moderately critical” vulnerabilities. “A remote attacker could exploit some of these vulnerabilities to tak...
CVE-2015-5497
Cross-site scripting XSS vulnerability in the Web Links module 6.x-2.x before 6.x-2.6 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5497
Cross-site scripting XSS vulnerability in the Web Links module 6.x-2.x before 6.x-2.6 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5497
The CVE-2015-5497 issue affects Drupal’s Web Links module (Drupal 6.x-2.x family and Drupal 7.x-1.x family). The vulnerability is an XSS that occurs due to insufficient sanitization in the Web Links module, allowing remote authenticated users with certain permissions to inject arbitrary web scrip...
Drupal Web Links Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. web Links is one of the web link modules. A cross-site scripting vulnerability exists in the Drupal Navigate module, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, whi...
Drupal Current Search Links Module Cross-Site Scripting Vulnerability
Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in Drupal Current Search Links, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive...
PHP-Nuke 7.6 Web_Links Module Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13025/info PHP-Nuke is reportedly affected by multiple cross-site scripting vulnerabilities in the WebLinks Module. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacke...
Nuked-Klan 1.7 Links Module link_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15181/info Nuked Klan is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These vulnerabilities...