32 matches found
CVE-2020-10375
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...
CVE-2025-23628
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...
EUVD-2020-2830
Malware in sbrugna...
EUVD-2018-10538
Malware in sbrugna...
EUVD-2025-3297
Malicious code in bioql PyPI...
CVE-2018-17556
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action...
CVE-2025-23628
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...
CVE-2025-23628
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...
Design/Logic Flaw
Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...
CVE-2023-31133 Ghost vulnerable to disclosure of private API fields
Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...
SUSE CVE-2020-10375
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...
median.newmediacaucus.org Cross Site Scripting vulnerability OBB-2635146
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-10375
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...
CVE-2020-10375
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...
CVE-2020-10375
CVE-2020-10375 affects New Media Smarty before 9.10. The issue is that passwords are stored in an obfuscated format that can be easily reversed, with the obfuscated values located in the file data.mdb (second column). This is explicitly noted as unrelated to the popular Smarty template engine pro...
CVE-2020-10375
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...
Smarty Media New Media Smarty Security Breach
Smarty Media New Media Smarty is a software for demand management practices from Smarty Media, a German company This product is provided to anesthesiologists, psychotherapists, psychiatrists, neurologists and physicians who specialize in demand management practices. A security vulnerability exist...
Grapixel New Media 2 - pageref SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Grapixel New Media 2 - 'pageref' SQL Injection Exploit Author: Berk Dusunur Vendor Homepage: http://www.grapixel.com Software Link: http://www.grapixel.com Affected Version: v2 Tested on: MacosX CVE : N/A Proof Of Concept...
CVE-2018-18822
Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter...
Sql injection
Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter...