120 matches found
Cross site request forgery (csrf)
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...
PT-2023-27952 · Phpkobo · Phpkobo Ajaxnewticker
Name of the Vulnerable Software and Affected Versions: phpkobo AjaxNewsTicker version 1.0.5 Description: An issue in phpkobo AjaxNewsTicker allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. Recommendations: For phpkobo AjaxNewsTicker version 1.0.5,...
CVE-2023-41451
CVE-2023-41451 affects phpkobo AjaxNewTicker v1.0.5. The vulnerability is a Cross Site Scripting (XSS) in the index.php component, exploitable via a crafted payload to the txt parameter, which could allow an attacker to execute arbitrary code in the context of the victim’s browser. The NVD entry ...
phpkobo AjaxNewTicker Cross-Site Scripting Vulnerability
phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which originates from a cross-site scripting XSS vulnerability in the file index.php...
CVE-2023-41451
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...
CVE-2023-41452
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...
CVE-2023-41449
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter...
CVE-2023-41445
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component...
CVE-2023-41449
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter...
PT-2023-27954 · Phpkobo · Phpkobo Ajaxnewticker
Name of the Vulnerable Software and Affected Versions: phpkobo AjaxNewsTicker version 1.0.5 Description: An issue in phpkobo AjaxNewsTicker allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. Recommendations: For phpkobo AjaxNewsTicker version 1.0.5,...
CVE-2023-41445
CVE-2023-41445 affects the PHPKobo AjaxNewTicker product, version 1.0.5. The vulnerability is a Cross-Site Scripting (XSS) flaw in the index.php component that can be triggered by a crafted payload, enabling a remote attacker to execute arbitrary code within the context of the affected applicatio...
phpkobo AjaxNewTicker code issue vulnerability
phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which stems from an arbitrary code execution vulnerability in the parameter reque...
CVE-2023-41453
CVE-2023-41453 concerns a Cross-Site Scripting vulnerability in phpkobo AjaxNewTicker v1.0.5. The issue arises from an exploitable vulnerability in the cmd parameter of the file index.php, enabling a remote attacker to supply a crafted payload that results in arbitrary code execution through XSS....
CVE-2023-41449
CVE-2023-41449 affects phpkobo AjaxNewsTicker v1.0.5. Multiple connected sources confirm a remote code execution vulnerability via a crafted payload to the reque parameter, enabling arbitrary code execution. The issue stems from improper handling of the reque input in the application. Impact is d...
PT-2023-27949 · Unknown · Phpkobo Ajaxnewticker
Name of the Vulnerable Software and Affected Versions: phpkobo AjaxNewTicker version 1.0.5 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the "index.php" component. This enables the attacker to perform Cross Site Scripting...
phpkobo AjaxNewTicker Cross-Site Request Forgery Vulnerability
phpkobo AjaxNewTicker is an application from phpkobo Inc. A security vulnerability exists in phpkobo AjaxNewTicker version v.1.0.5, which stems from a cross-site request forgery CSRF vulnerability in the parameter txt of the file index.php...
CVE-2023-41453
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...
PT-2023-27955 · Unknown · Phpkobo Ajaxnewticker
Name of the Vulnerable Software and Affected Versions: phpkobo AjaxNewTicker version 1.0.5 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the "index.php" component. This enables the attacker to inject...
PT-2023-27957 · Unknown · Phpkobo Ajaxnewticker
Name of the Vulnerable Software and Affected Versions: phpkobo AjaxNewTicker version 1.0.5 Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the "index.php" component. This enables the attacker to perform Cross Site Scripting...
CVE-2023-41445
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component...