EUVD-2020-7702

Malware in sbrugna...

CVE-2008-0334

Cross-site scripting XSS vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the LPREFNAME855 parameter...

CVE-2023-34446 iTop XSS vulnerability on pages/preferences.php

iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, when displaying pages/preferences.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...

CVE-2021-29032

A cross-site scripting XSS vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/preferences.php URI...

Cross-Site Scripting (XSS)

francoisjacquet/rosariosis is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the tab parameter in Preferences.php...

CVE-2020-15716

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL...

Input validation

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL...

CVE-2020-15716

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL...

CVE-2020-15716

RosarioSIS 6.7.2 contains a stored/reflected XSS in Preferences.php caused by improper validation of user input. An attacker can craft a URL with a manipulated tab parameter to execute injected script in a victim’s browser. The condition requires user interaction (depending on request flow) and a...

CVE-2017-17794

validateformpreferences in admin/preferences.php in BlogoText through 3.7.6 allows attackers to bypass intended access restrictions via vectors related to an e-mail address field...

SQL Injection

Moodle is vulnerable to SQL Injection attacks. A malicious user can inject and execute arbitrary SQL queries through the badges/preferences.php when updating preferences...

PHP iCalendar 1.1/2.x preferences.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

PHP Address Book Multiple Cross Site Scripting Vulnerabilities

This host is running PHP Address Book and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpodphpaddressbookmultxssvuln.nasl 5950 2017-04-13 09:02:06Z teissa $ PHP Address Book Multiple Cross Site Scripting Vulnerabilities Authors: Sooraj KS Copyright:...

PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload

PHP iCalendar 2.24 - cookielanguage Local File Inclusion Arbitrary File Upload '.$lang'lcalfile'.' '.$filenumber.': '.$lang'lactionsuccess'.''; 84. el...

Cross site scripting

Cross-site scripting XSS vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the LPREFNAME855 parameter...

PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

phpMyWebmin 1.0 (window.php) Remote File Include Vulnerability

No description provided by source. +PHP MyWebMin 1.0 Remote File Include +Advisory 5 +Product :PHP MyWebMin +Develop: +www.josh.ch/joshch/php-tools/phpmywebmin,download.html +Vulnerable: Remote File Includes +Risk:High +Class:Remote +Discovered:by Kernel-32 +Contact: [email protected]...