CVE-2024-24574

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Unsafe echo of filename in phpMyFAQ\phpmyfaq\admin\attachments.php leads to allowed execution of JavaScript code in client side XSS. This vulnerability has been patched in version 3.2.5...

biotuintilburg.nl XSS vulnerability

Open Bug Bounty ID: OBB-620933 Description| Value ---|--- Affected Website:| biotuintilburg.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Calendarix Multiple Vulnerabilities (SQLi, XSS)

The remote host is running Calendarix, a PHP-based calendar system. The remote version of this software is prone to a remote file include vulnerability as well as multiple cross-site scripting, and SQL injection vulnerabilities. Successful exploitation could result in execution of arbitrary PHP...

vBulletin search.php query Parameter XSS

There is a cross-site scripting issue in vBulletin that may allow an attacker to steal a user's cookies. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid12058; scriptversion"1.24"; scriptcveid"CVE-2004-2076";...