18 matches found
EUVD-2020-9428
Malware in sbrugna...
EUVD-2012-0855
Malware in sbrugna...
CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
Cross site scripting
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
CVE-2020-17476
The CVE-2020-17476 issue affects Mibew Messenger prior to 3.2.7, where an XSS vulnerability is exploitable via a crafted user name. The vulnerability is documented across multiple feeds (NVD, Red Hat security page, OSV, CVE listings). The likely remediation is upgrading to Mibew Messenger 3.2.7 o...
Mibew Messenger 1.6.15 Arbitrary File Disclosure
| Title : Mibew Messenger 1.6.15 File Accses Vulnerability | Author : indoushka | email : [email protected] | Dork : Mibew Messenger 1.6.15 | c 2011-2015 mibew.org | Tested on: windows 8.1 Français V.Pro | Download : http://mibew.org/ =======================================...
Mibew Web Messenger 1.6.4 SQL Injection
!/usr/bin/python Author: Ucha Gobejishvili Timeline: 2012-08-05 Bug Discovered 2012-08-05 Public Disclosured Vendor: Mibew Web Messenger http://mibew.org/ Version: Mibew Messenger 1.6.4 Demo: http://demo.mibew.org Introduction: Mibew Messenger also known as Open Web Messenger is an open-source li...
Mibew Messenger 1.6.4 - threadid SQL Injection
Mibew Messenger 1.6.4 - threadid SQL Injection source: https://www.securityfocus.com/bid/54857/info Mibew Messenger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker t...
Mibew Messenger 1.6.4 - 'threadid' SQL Injection
source: https://www.securityfocus.com/bid/54857/info Mibew Messenger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify...
CVE-2012-0829
Multiple cross-site request forgery CSRF vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting XSS sequences via the 1 address or 2 threadid parameters to operator/ban.php; or 3...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting XSS sequences via the 1 address or 2 threadid parameters to operator/ban.php; or 3...
CVE-2012-0829
CVE-2012-0829 applies to Mibew Messenger 1.6.4 and earlier. The issue is multiple CSRF vulnerabilities that allow remote attackers to hijack operator authentication by crafting requests that insert XSS sequences via parameters to operator/ban.php (address, threadid) and operator/settings.php (geo...
CVE-2012-0829
Multiple cross-site request forgery CSRF vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting XSS sequences via the 1 address or 2 threadid parameters to operator/ban.php; or 3...
Mibew messenger multiple XSS
Advisory ID: CSA-12001 Title: Mibew messenger multiple XSS Product: mibew messenger Version: 1.6.4 and probably prior Vendor: mibew.org Vulnerability type: XSS Vendor notification: 2012-01-07 Public disclosure: 2012-01-24 Mibew messenger version 1.6.4 an probably below is vulnerable to multiple X...
Mibew Messenger 1.6.4 Cross Site Scripting
Advisory ID: CSA-12001 Title: Mibew messenger multiple XSS Product: mibew messenger Version: 1.6.4 and probably prior Vendor: mibew.org Vulnerability type: XSS Vendor notification: 2012-01-07 Public disclosure: 2012-01-24 Mibew messenger version 1.6.4 an probably below is vulnerable to multiple X...