EUVD-2013-6979

Malware in sbrugna...

EUVD-2006-2630

Malware in sbrugna...

EUVD-2013-6978

Malware in sbrugna...

EUVD-2023-50983

Malicious code in bioql PyPI...

CVE-2022-34560

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...

CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

CVE-2022-34562

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the status box...

CVE-2023-46817

An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the...

phpFox Security Vulnerabilities

phpFox is a social networking platform from phpFox Inc. A security vulnerability exists in phpFox 4.8.13 and earlier versions, which stems from user input passed to the /core/redirect route via a url request parameter that is not properly cleaned up before calling the unserialize PHP function,...

PHPFox 3.0.1 - 'ajax.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/55405/info phpFox is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...