Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

107 matches found

ATTACKERKB
ATTACKERKBadded 2024/04/22 3:15 p.m.2 views

CVE-2022-34562

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the status box...

6.1CVSS6AI score0.0019EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/04/22 12:0 a.m.1 views

phpFox 跨站脚本漏洞

phpFox is a social networking platform from phpFox Inc. A cross-site scripting vulnerability exists in phpFox version v4.8.9, which originated from a vulnerability that allows attackers to execute arbitrary web script or HTML via an injected status box with a crafted payload...

6.1CVSS6AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/04/22 12:0 a.m.4 views

PT-2024-11591 · Phpfox · Phpfox

Name of the Vulnerable Software and Affected Versions: PHPFox version 4.8.9 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter. Recommendations: For PHPFox version 4.8.9, consider...

7.1CVSS6.2AI score0.00137EPSS
Exploits0References6
Cvelist
Cvelistadded 2024/04/22 12:0 a.m.13 views

CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

5.7AI score0.00106EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/04/22 12:0 a.m.13 views

CVE-2022-34560

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...

5.8AI score0.00137EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/04/22 12:0 a.m.1 views

phpFox 安全漏洞

phpFox is a social networking platform from phpFox Inc. A security vulnerability exists in phpFox version v4.8.9. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload with the History parameter...

7.1CVSS6.8AI score0.00137EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/04/22 12:0 a.m.2 views

PT-2024-11592 · Phpfox · Phpfox

Name of the Vulnerable Software and Affected Versions: PHPFox version 4.8.9 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter. Recommendations: For PHPFox version 4.8.9,...

4.3CVSS6.2AI score0.00106EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/04/22 12:0 a.m.1 views

phpFox 跨站脚本漏洞

phpFox is a social networking platform from phpFox Inc. A cross-site scripting vulnerability exists in phpFox version v4.8.9, which originated from a vulnerability that allows attackers to execute arbitrary web script or HTML via the video description parameter with a crafted payload...

4.3CVSS6AI score0.00106EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2024/04/22 12:0 a.m.1 views

PT-2024-11593 · Phpfox · Phpfox

Name of the Vulnerable Software and Affected Versions: PHPFox version 4.8.9 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the status box. Recommendations: For PHPFox version 4.8.9, consider disabling the...

6.1CVSS6.3AI score0.0019EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2024/04/22 12:0 a.m.8 views

CVE-2022-34562

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the status box...

5.8AI score0.0019EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/04/22 12:0 a.m.14 views

CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

5.8AI score0.00106EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/04/22 12:0 a.m.13 views

CVE-2022-34560

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...

5.7AI score0.00137EPSS
Exploits0References2
Exploit DB
Exploit DBadded 2024/02/19 12:0 a.m.296 views

phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit

?php / -------------------------------------------------------------- phpFox = 4.8.13 redirect PHP Object Injection Vulnerability -------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................: n0b0d13satgmaildotcom software...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKBadded 2023/11/03 5:15 a.m.2 views

CVE-2023-46817

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

9.8CVSS7.4AI score0.00768EPSS
Exploits3References6
OSV
OSVadded 2023/11/03 5:15 a.m.3 views

CVE-2023-46817

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

9.8CVSS5.9AI score0.00768EPSS
Exploits3References5
NVD
NVDadded 2023/11/03 5:15 a.m.8 views

CVE-2023-46817

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

9.8CVSS9.6AI score0.00768EPSS
Exploits3References5
Prion
Prionadded 2023/11/03 5:15 a.m.12 views

Code injection

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

7.5CVSS9.5AI score0.00768EPSS
Exploits3References5Affected Software1
Vulnrichment
Vulnrichmentadded 2023/11/03 12:0 a.m.13 views

CVE-2023-46817

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

9.6AI score0.00768EPSS
Exploits3References5
CVE
CVEadded 2023/11/03 12:0 a.m.40 views

CVE-2023-46817

CVE-2023-46817 (phpFox) affects phpFox

9.8CVSS9.4AI score0.00768EPSS
Exploits3References5Affected Software1
Cvelist
Cvelistadded 2023/11/03 12:0 a.m.13 views

CVE-2023-46817

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

9.8AI score0.00768EPSS
Exploits3References5
Rows per page
Query Builder