13 matches found
EUVD-2017-11113
Malware in sbrugna...
CVE-2017-20106
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
Server side request forgery (ssrf)
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106 Lithium Forum Compose Message server-side request forgery
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
CVE-2017-20106
The CVE-2017-20106 entry concerns Lithium Forum 2017 Q1. A server-side request forgery (SSRF) vulnerability arises from manipulating the upload_url argument in the Compose Message Handler component. The attack requires local access, and public exploits have been disclosed. Documented impact indic...
CVE-2017-20106 Lithium Forum Compose Message server-side request forgery
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the argument uploadurl leads to server-side request forgery. The attack needs to be approached...
Khoros Forum 代码问题漏洞
Khoros Forum Lithium Forum is a forum system from the US-based Khoros Corporation. A security vulnerability exists in the 2017 Q1 release of Khoros Forum Lithium Forum, which stems from a server-side request forgery vulnerability discovered via the uploadurl parameter...
Dropbox: Stored XSS in dropboxforum.com
This report described a vulnerability where an attacker could put a specially crafted payload into the reply section of threads on dropboxforum.com to bypass the HTML filter on the site. This enabled a stored XSS attack against anyone viewing the message. This was an issue in Lithium forum...
Lithium Forum - (Compose Message) SSRF Vulnerability
Document Title: =============== Lithium Forum - Compose Message SSRF Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2030 Release Date: ============= 2017-02-20 Vulnerability Laboratory ID VL-ID: ==================================== 2030...
Lithium Forum Cross Site Scripting
Document Title: =============== Lithium Forum - previewImages Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1520 Release Date: ============= 2015-12-18 Vulnerability Laboratory ID VL-ID: ==================================== 152...
Skype Community - Persistent Editor Web Vulnerability
Document Title: =============== Skype Community - Persistent Editor Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=707 MICROSOFT SECURITY RESPONSE CENTER MSRC ID: 13021bc Release Date: ============= 2013-03-28 Vulnerability Laboratory ...