62 matches found
EUVD-2012-5157
Malware in sbrugna...
EUVD-2015-9386
Malware in sbrugna...
EUVD-2012-1488
Malware in sbrugna...
EUVD-2015-2768
Malware in sbrugna...
EUVD-2004-1586
Malware in sbrugna...
EUVD-2012-1489
Malware in sbrugna...
CVE-2012-1471
Directory traversal vulnerability in cataloguefile.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2015-9549
A reflected Cross-site Scripting XSS vulnerability exists in OcPortal 9.0.20 via the OCFEMOTICONCELL.tpl FIELDNAME field to data/emoticons.php...
CVE-2012-1470
Multiple cross-site scripting XSS vulnerabilities in codeeditor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the 1 path or 2 line parameters...
CVE-2012-5234
Open redirect vulnerability in index.php in ocPortal before 7.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter...
CVE-2015-9549
A reflected Cross-site Scripting XSS vulnerability exists in OcPortal 9.0.20 via the OCFEMOTICONCELL.tpl FIELDNAME field to data/emoticons.php...
Cross site scripting
A reflected Cross-site Scripting XSS vulnerability exists in OcPortal 9.0.20 via the OCFEMOTICONCELL.tpl FIELDNAME field to data/emoticons.php...
CVE-2015-9549
A reflected Cross-site Scripting XSS vulnerability exists in OcPortal 9.0.20 via the OCFEMOTICONCELL.tpl FIELDNAME field to data/emoticons.php...
CVE-2015-9549
OcPortal 9.0.20 is affected by a reflected XSS in the OCF_EMOTICON_CELL.tpl FIELD_NAME used to data/emoticons.php. The vulnerability is triggered via user-supplied input reflected in the page; CVSS details cited include CVSS v2 base score 4.3 (MEDIUM) and CVSS v3.1 base score 6.1 (MEDIUM). The co...
OcProducts OcPortal FIELD_NAME参数跨站脚本漏洞
No description provided by source...
OcProducts OcPortal 'FIELD_NAME' Parameter Cross-Site Scripting Vulnerability
OcProducts ocPortal is an open source PHP and MySQL based Content Management System CMS from OcProducts. A cross-site scripting vulnerability exists in OcProducts OcPortal. An attacker can exploit this vulnerability to execute arbitrary script code, steal cookie-based authentication and launch...
Multiple Cross-Site Scripting Vulnerabilities in ocPortal
ocPortal is a content management system. Multiple cross-site scripting vulnerabilities exist in ocPortal. The vulnerabilities can be exploited to allow remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when maliciou...
CVE-2015-2677
Multiple cross-site scripting XSS vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the 1 title or 2 text field in the cmscalendar page to cms/index.php; unspecified fields in 3 the cmspolls page to cms/index.php or 4 a new topic...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the 1 title or 2 text field in the cmscalendar page to cms/index.php; unspecified fields in 3 the cmspolls page to cms/index.php or 4 a new topic...
CVE-2015-2677
ocPortal contains multiple reflected XSS vulnerabilities up to version 9.0.16 (pre-9.0.17). The exploitable areas listed are the cms_calendar (title/text) and cms/index.php, the cms_polls page, and creating new topics or private topics in forum/index.php. The root cause is improper handling of us...