30 matches found
EUVD-2005-3009
Malware in sbrugna...
EUVD-2003-1307
Malware in sbrugna...
CVE-2000-1234
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters...
SUSE CVE-2007-3779
PHP local file inclusion vulnerability in gpgpopinit.php in the G/PGP GPG Plugin before 20070707 for Squirrelmail allows remote attackers to include and execute arbitrary local files, related to the MOD parameter...
CVE-2020-28184
Cross-site scripting XSS vulnerability in TerraMaster TOS = 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php...
Cross site scripting
Cross-site scripting XSS vulnerability in TerraMaster TOS = 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php...
CVE-2020-13969
CRK Business Platform = 2019.1 allows reflected XSS via erro.aspx on 'CRK', 'IDContratante', 'Erro', or 'Mod' parameter. This is path-independent...
CVE-2018-12095
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php...
Cross site scripting
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php...
srilakor.go.th XSS vulnerability
Open Bug Bounty ID: OBB-236743 Description| Value ---|--- Affected Website:| srilakor.go.th Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
eNdonesia 8.2/8.3 Mod Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8506/info It has been reported that eNdonesia is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a victim's browser. The issue reportedly exists in the...
Crea-Boutique - Persistent XSS Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
CVE-2011-4564
Cross-site scripting XSS vulnerability in the admin script in Active CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter in a module action...
CVE-2011-4564
Cross-site scripting XSS vulnerability in the admin script in Active CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter in a module action...
CVE-2011-1034
Cross-site scripting XSS vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter to the fullcontrol program. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter to the fullcontrol program. NOTE: some of these details are obtained from third party information...
Directory traversal
Directory traversal vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the mod parameter...
Sahana 'mod' Parameter Local File Disclosure Vulnerability
Sahana is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in FlatnuX CMS aka Flatnuke3 2008-12-11 allow remote attackers to inject arbitrary web script or HTML via 1 the mod parameter to the default URI; 2 the foto parameter to photo.php in the 05Foto module; or 3 the name parameter in an insertrecord...
Phorum violation.php3转发任意邮件漏洞
BUGTRAQ: 2272 Phorum是一款基于PHP的WEB论坛程序,可使用在Linux和Unix操作系统下,也可使用在Microsoft Windows操作系统下。Phorum存在一个漏洞允许远程用户发送任意邮件,而且不需要任何验证。 violation.php3处理URL的参数,通过主机的MTA给Mod参数指定的email发送邮件,不过要记住的是,这封电子邮件会包含攻击者的IP(或代理服务器IP)和FQDN。恶意用户可能利用这个漏洞发送垃圾邮件或邮件炸弹等行径,可能让WEB主机的IP被加入垃圾邮件服务器的黑名单。 3.0.7 and Previous Brian Moon...