EUVD-2022-55986

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

CVE-2022-50967

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...

CVE-2022-50966

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

CVE-2022-50968 uBidAuction 2.0.1 auctions manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

CVE-2022-50966 uBidAuction 2.0.1 news manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

CVE-2022-50965

CVE-2022-50965 affects uBidAuction 2.0.1, specifically the posts/manage module. The vulnerability is a reflected cross-site scripting flaw where the filter functionality fails to sanitize the date_created, date_from, date_to, and created_at parameters, allowing an attacker to inject malicious scr...

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online bidding and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from the improper cleaning of the filter functions for t...

PT-2026-39492

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET...

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online bidding and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from the improper cleaning of the filter functions for t...

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...

CVE-2024-29471

CVE-2024-29471 concerns OneBlog v2.3.4, which has a stored cross-site scripting (XSS) vulnerability in the Notice Manage module. The NVD entry lists a CVSSv3.1 base score of 5.4 (Medium) with network attack, low complexity, required user interaction, and scope changed. Multiple connected sources ...

CVE-2024-29471

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting XSS vulnerability via the Notice Manage module...

OneBlog 安全漏洞

OneBlog is a beautiful and powerful Java blog. A security vulnerability exists in OneBlog v2.3.4, which stems from a stored cross-site scripting XSS vulnerability in the Notice Manage module...

PT-2024-22917 · Oneblog · Oneblog

Name of the Vulnerable Software and Affected Versions: OneBlog version 2.3.4 Description: A stored cross-site scripting XSS issue was found in the Notice Manage module. This allows for malicious scripts to be stored and executed on the site, potentially leading to unauthorized actions or data...

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

No description provided by source. Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory ID VL-ID:...

Onpub CMS 1.4/1.5 - Multiple SQL Injections

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory ID VL-ID: ==================================...

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-25 Vulnerability Laboratory ID VL-ID: ==================================...

Onpub CMS 1.4 / 1.5 SQL Injection

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-26 Vulnerability Laboratory ID VL-ID: ==================================...

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

Document Title: =============== Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1120 Release Date: ============= 2013-10-25 Vulnerability Laboratory ID VL-ID: ==================================...