14 matches found
EUVD-2020-13861
Malware in sbrugna...
EUVD-2018-11154
Malware in sbrugna...
CVE-2020-21081
A cross-site request forgery CSRF in Maccms 8.0 causes administrators to add and modify articles without their knowledge via clicking on a crafted URL...
CVE-2020-21082
A cross-site scripting XSS vulnerability in the background administrator article management module of Maccms 8.0 allows attackers to steal administrator and user cookies via crafted payloads in the text fields for Chinese and English names...
Cross site scripting
A cross-site scripting XSS vulnerability in the background administrator article management module of Maccms 8.0 allows attackers to steal administrator and user cookies via crafted payloads in the text fields for Chinese and English names...
Cross site request forgery (csrf)
A cross-site request forgery CSRF in Maccms 8.0 causes administrators to add and modify articles without their knowledge via clicking on a crafted URL...
CVE-2020-21082
CVE-2020-21082 affects Maccms 8.0, specifically the background administrator article management module. The vulnerability is a cross-site scripting (XSS) flaw that enables theft of administrator and user cookies via crafted payloads in the Chinese and English name fields. Exploitation details are...
CVE-2020-21082
A cross-site scripting XSS vulnerability in the background administrator article management module of Maccms 8.0 allows attackers to steal administrator and user cookies via crafted payloads in the text fields for Chinese and English names...
CVE-2020-21081
A cross-site request forgery CSRF in Maccms 8.0 causes administrators to add and modify articles without their knowledge via clicking on a crafted URL...
CVE-2020-21081
CVE-2020-21081 is a CSRF vulnerability in Maccms 8.0. The issue arises from insufficient request validation for article add/edit actions, allowing an attacker to manipulate content by luring an administrator to a crafted URL. Affected product: Maccms 8.0 (CMS for film/TV). Root cause: lack of pro...
Cross site scripting
Maccms 8.0 allows XSS via the inc/config/cache.php tkey parameter because template/paody/html/vodtype.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the tname parameter not tkey...
CVE-2019-8410
Maccms 8.0 allows XSS via the inc/config/cache.php tkey parameter because template/paody/html/vodtype.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the tname parameter not tkey...
CVE-2019-8410
Maccms 8.0 allows XSS via the inc/config/cache.php tkey parameter because template/paody/html/vodtype.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the tname parameter not tkey...
CVE-2019-8410
CVE-2019-8410 affects Maccms 8.0, where an XSS exists due to improper handling of the t_key parameter in inc/config/cache.php and the related template logic in template/paody/html/vod_type.html, with a/tpl/module/db.php only filtering t_name. The vulnerability enables an attacker to store a scrip...