UBUNTU-CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

CVE-2023-47324

Silverpeas Core 6.3.1 is vulnerable to Cross Site Scripting XSS via the message/notification feature...

bobbob.co.kr XSS vulnerability

Vulnerable URL: http://www.bobbob.co.kr/message/message.asp?operate=1"...

Stored Cross-Site Scripting Vulnerability in PageAdmin CMS Online Message Feature

PageAdmin CMS is an enterprise building system based on PHP and mysql technology. A stored cross-site scripting vulnerability exists in the online message function of PageAdmin CMS. An attacker can insert malicious js code into the page to obtain user cookies and other information, resulting in...

Cross site scripting

Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...

PHP-Nuke 6.x/7.x - Public Message SQL Injection

source: https://www.securityfocus.com/bid/9615/info It has been reported that the 'public message' feature of PHP-Nuke is vulnerable to an SQL injection vulnerability. The issue is due to improper sanitization of user-defined parameters supplied to the module. As a result, an attacker could modif...

PHP-Nuke 6.x7.x - Public Message SQL Injection

PHP-Nuke 6.x7.x - Public Message SQL Injection source: https://www.securityfocus.com/bid/9615/info It has been reported that the 'public message' feature of PHP-Nuke is vulnerable to an SQL injection vulnerability. The issue is due to improper sanitization of user-defined parameters supplied to t...