41 matches found
EUVD-2013-2255
Malware in sbrugna...
EUVD-2013-5190
Malware in sbrugna...
EUVD-2010-1072
Malware in sbrugna...
EUVD-2013-4219
Malware in sbrugna...
CVE-2024-27278
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users...
CVE-2013-2309
Cross-site scripting XSS vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the "mobile version color scheme."...
CVE-2013-4333
OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability...
CVE-2010-1040
The "IP address range limitation" function in OpenPNE 1.6 through 1.8, 2.0 through 2.8, 2.10 through 2.14, and 3.0 through 3.4, when mobile device support is enabled, allows remote attackers to bypass the "simple login" functionality via unknown vectors related to spoofing...
CVE-2024-27278
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users...
CVE-2024-27278
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users...
Cross site scripting
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users...
CVE-2024-27278
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users...
CVE-2024-27278
OpenPNE plugin opTimelinePlugin (version 1.2.11 and earlier) contains a stored cross-site scripting (CWE-79) vulnerability in the Edit Profile page. When a user configures their profile with malicious content, an arbitrary script may execute in other users’ browsers. Affected product: OpenPNE opT...
CVE-2024-27278
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users...
OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting
Overview OpenPNE plugin "opTimelinePlugin" provided by OpenPNE Project contains a stored cross-site scripting vulnerability CWE-79 in Edit Profile page. Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
OpenPNE opTimelinePlugin Security Vulnerability
OpenPNE is OpenPNE is SNS builder software developed by an open source approach led by Teshimaya. A security vulnerability exists in OpenPNE opTimelinePlugin 1.2.11 and earlier versions, which stems from a stored cross-site scripting XSS vulnerability in the Edit Profile page...
JVN#78084105: OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting
OpenPNE plugin "opTimelinePlugin" provided by OpenPNE Project contains a stored cross-site scripting vulnerability CWE-79 in Edit Profile page. Impact On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed ...
CVE-2013-4333
OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability...
Xxe
OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability...
CVE-2013-4333
OpenPNE 3.x (versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5) is affected by an XXE/External Entity Injection vulnerability. The connected documents corroborate that the issue is tied to OpenPNE’s vulnerable handling of external entities, but do not provide detailed root-cause analysis, affect...