8 matches found
EUVD-2017-7365
Malware in sbrugna...
EUVD-2019-5475
Malware in sbrugna...
CVE-2019-14228
Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based XSS via the username parameter when registering a new user at admin/includes/adminprocess.php. If there is an error when registering the user, the unsanitized username will reflect via the error page. Due to the lack of CSRF...
CVE-2017-15949
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...
CVE-2019-14228
Xavier PHP Management Panel 3.0 is affected by a Reflected POST-based XSS in the username parameter during new user registration via admin/includes/adminprocess.php. The XSS reflects on the error page when registration fails, and the vulnerability is exacerbated by the absence of CSRF protection ...
CVE-2017-15949
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...
CVE-2017-15949
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the logid parameter to admin/editgroup.php...
CVE-2017-15949
CVE-2017-15949 affects Xavier PHP Management Panel 2.4. The vulnerability is an SQL injection in the admin/adminuseredit.php endpoint (parameter: usertoedit) and in admin/editgroup.php (parameter: log_id). Exploitation could allow an attacker to inject SQL commands and potentially take control of...