26 matches found
CVE-2014-4851
Open redirect vulnerability in msg.php in FoeCMS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the r parameter...
EUVD-2020-17705
Malware in sbrugna...
EUVD-2014-4770
Malware in sbrugna...
CVE-2020-25005
Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code...
CVE-2014-4849
Multiple cross-site scripting XSS vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the 1 e or 2 r parameter...
CVE-2024-11130 ZZCMS msg.php cross site scripting
A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/msg.php. The manipulation of the argument keyword leads to cross site scripting. The attack may be launched remotely. The exploit has been...
CVE-2024-11130 ZZCMS msg.php cross site scripting
A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/msg.php. The manipulation of the argument keyword leads to cross site scripting. The attack may be launched remotely. The exploit has been...
CVE-2020-25005
Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code...
CVE-2020-25005
Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code...
Sql injection
Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code...
CVE-2020-25005
Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code...
CVE-2020-25005
CVE-2020-25005 affects Heybbs v1.2 with a SQL injection in msg.php via the ID parameter, potentially enabling a remote attacker to execute arbitrary code. This vulnerability has been reported across multiple sources (NVD/Red Hat/CVE listing). The connected documents provide the same description b...
snarfblam.com XSS vulnerability
Open Bug Bounty ID: OBB-595647 Description| Value ---|--- Affected Website:| snarfblam.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
zzcms user/msg.php SQL injection and stored XSS
No description provided by source...
Open redirect
Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header to 1 index.php, 2 cart.php, 3 msg.php, or 4 page.php...
CVE-2014-4849
CVE-2014-4849 describes multiple cross-site scripting (XSS) weaknesses in the FoeCMS component, specifically in the file/msg handler msg.php , exploitable via the input parameters (1) e and (2) r. The issue allows remote attackers to inject arbitrary web script or HTML. The NVD metrics list a bas...
CVE-2014-4851
CVE-2014-4851 describes an open redirect in the FoeCMS component msg.php, where an attacker can use the r parameter to redirect victims to arbitrary sites, enabling phishing-like scenarios. The description and related records consistently refer to this vulnerability as an open redirect in FoeCMS ...
Dominant Creature BBGRPG Browser Game - Persistent Cross-Site Scripting
Dominant Creature BBGRPG Browser Game - Persistent Cross-Site Scripting =================================================================================== Dominant Creature BBG/RPG browser game XSS vulnerabilities ==================================================================================...
CVE-2007-3518
SQL injection vulnerability in msg.php in HispaH YouTube Clone Script youtubeclone allows remote attackers to execute arbitrary SQL commands via the id parameter...
YouTube Clone Script (msg.php id) Remote SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ YouTube Clone Script SQL Injection Vulnerability +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz &...