CVE-2020-6142

A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2020-6142

A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2020-6142

OS4Ed openSIS 7.3 is affected by CVE-2020-6142 through a local file inclusion in the Modules.php functionality. A vulnerability in the modname parameter allows an attacker to include arbitrary files via directory traversal and potentially execute remote PHP code. The weakness is exploitable via c...

OS4Ed openSIS Modules.php remote code execution vulnerability

Summary A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Product URLs...

CVE-2020-13278

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request...

CVE-2020-13278

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request...

Cross site scripting

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request...

CVE-2020-13278

CVE-2020-13278 is a reflected XSS vulnerability in RosarioSIS, specifically in Modules.php for RosarioSIS Student Information System versions prior to 6.5.1. The issue allows remote attackers to inject and execute arbitrary JavaScript/HTML via a GET parameter, potentially compromising user sessio...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to modules.php or 2 imgurl to includes/wysiwyg/spaw/editor/plugins/imgpopup/imgpopup.php...

trabantklub.hu XSS vulnerability

Vulnerable URL: http://www.trabantklub.hu/twk/modules.php?name=-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 9665872 VIP website status:| No Check trabantklub.hu SSL connection...

le-longeron.fr XSS vulnerability

Vulnerable URL: http://www.le-longeron.fr/modules.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 8609837 VIP website status:| No Check le-longeron.fr SSL connection:| Grade: F...

mairie-clisson.com XSS vulnerability

Vulnerable URL: http://www.mairie-clisson.com/modules.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3903337 VIP website status:| No Check mairie-clisson.com SSL connection:|...

simgonantes.com XSS vulnerability

Vulnerable URL: http://www.simgonantes.com/modules.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3890523 VIP website status:| No Check simgonantes.com SSL connection:| Grade: ...

Nuke Evolution 2.0.9d - Multiple CS Cross Site Vulnerabilities

Document Title: =============== Nuke Evolution 2.0.9d - Multiple CS Cross Site Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1894 Release Date: ============= 2016-08-09 Vulnerability Laboratory ID VL-ID:...

PHPNuke 1.0/2.5/3.0/4.x/5.x/6.x/7.x modules.php Multiple Parameter XSS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3609/info PHPNuke is a website creation/maintenance tool. PHPNuke is prone to cross-site scripting attacks. It is possible to create a link to the PHPNuke user information page, 'user.php', which contains malicious script...

PHP-Nuke 5.6 Modules.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6088/info A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify the...

PHPNuke INP Modules.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19208/info PHPNuke INP is prone to a cross-site scripting vulnerability that affects the 'modules.php' script. The specific version affected is currently unknown...

PHP-Nuke 6.5 Modules.PHP Username URI Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7570/info A cross site scripting vulnerability has been reported for PHP-Nuke. Specifically, PHP-Nuke does not sufficiently sanitize user-supplied input for the 'username' URI parameter to the modules.php script. This may...

Nortel Networks SRG V16 modules.php module Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execu...

PHP-Nuke 6.0 Modules.PHP Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6465/info A denial of service vulnerability has been reported for the modules.php script used by PHP-Nuke. The vulnerability occurs because the modules.php script does not properly validate some URI parameters. An attacke...