EUVD-2018-10389

Malware in sbrugna...

EUVD-2018-6819

Malware in sbrugna...

CVE-2024-58128

In MISP before 2.4.193, menucustomrightlink parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks via a global menu link...

CVE-2024-58128

CVE-2024-58128 (MISP) affects MISP prior to 2.4.193. The issue allows attackers with admin privileges to perform cross-site scripting (XSS) through the menu_custom_right_link parameter set via the UI (no CLI). The root cause is an insufficiency in input validation/handling of that parameter, enab...

LavaLite Cross-Site Scripting Vulnerability (CNVD-2021-50080)

Lavalite is an open source content management system developed using the Laravel framework. A cross-site scripting vulnerability exists in LavaLite version 5.8.0. The vulnerability can be exploited to conduct cross-site scripting attacks via the "menu link" feature...

LavaLite 跨站脚本漏洞

Lavalite is an open source content management system developed using the Laravel framework. A cross-site scripting vulnerability exists in LavaLite version 5.8.0. The vulnerability can be exploited to conduct cross-site scripting attacks via the "menu link" feature...

CVE-2018-18673

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menulistupdate.php melink parameter...

CVE-2018-18673

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menulistupdate.php melink parameter...

Code injection

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menulistupdate.php melink parameter...

CVE-2018-18673

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menulistupdate.php melink parameter...

PT-2019-9619 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the me link parameter, also known as the "Menu Link" parameter, in the adm/menu list update.php endpoint. This can be exploite...

my little forum cross-site scripting vulnerability (CNVD-2019-21126)

my little forum is a set of Internet forum applications based on PHP and MySQL. The application uses a traditional tree view to display information and supports image uploading, template engine, BB code and emoticons. A cross-site scripting vulnerability exists in the Add page option in my little...

Design/Logic Flaw

The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field...

CVE-2018-14937

The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field...

CVE-2018-14937

The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field...

CVE-2018-14937

The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field...

CVE-2018-14937

CVE-2018-14937 describes a cross-site scripting (XSS) vulnerability in my little forum 2.4.12, exploitable via the Menu Link field on the Add page. Multiple connected sources corroborate that the issue is an XSS in the Add page option of my little forum 2.4.12. The root cause, as stated across so...

PT-2018-12812 · My Little Forum · My Little Forum

Name of the Vulnerable Software and Affected Versions: my little forum version 2.4.12 Description: The issue allows for XSS via the Menu Link field in the Add page option. Recommendations: For my little forum version 2.4.12, consider restricting access to the Add page option until a fix is...