
42 matches found

Positive Technologies
added 2025/08/11 12:0 a.m. · 1 views

PT-2025-32531 · Winterchens · My-Site

Name of the Vulnerable Software and Affected Versions: WinterChenS my-site affected versions not specified Description: A vulnerability exists in the preHandle function of the /admin/ file within the Backend Interface component. Manipulation of the uri argument results in improper authentication...

7.5 CVSS · 7.1 AI score · 0.00164 EPSS
Exploits 1 · References 12
RedhatCVE
added 2025/02/05 12:19 p.m. · 8 views

CVE-2024-52598

2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1: an SSRF and a URI validation bypass issue. The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the...

7.5 CVSS · 7.1 AI score · 0.00165 EPSS
Exploits 1 · References 1
Vulnrichment
added 2024/11/20 2:9 p.m. · 15 views

CVE-2024-52598 2FAuth vulnerable to Server Side Request Forgery + URI validation bypass in 2fauth /api/v1/twofaccounts/preview

2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Two interconnected vulnerabilities exist in version 5.4.1: an SSRF and a URI validation bypass issue. The endpoint at POST /api/v1/twofaccounts/preview allows setting a remote URI to retrieve the...

7.5 CVSS · 8 AI score · 0.00165 EPSS
Exploits 1 · References 1
CVE
added 2024/11/20 2:9 p.m. · 80 views

CVE-2024-52598

2FAuth 5.4.1 fixes a pair of issues: an SSRF vulnerability and a URI validation bypass in the POST /api/v1/twofaccounts/preview endpoint. An attacker can supply a remote URI; the app may perform a GET to that URL and, if the response appears as an image, store it on the server. The URI filter che...

7.5 CVSS · 7.8 AI score · 0.00165 EPSS
Exploits 1 · References 1 · Affected Software 1
seebug.org
added 2014/07/01 12:0 a.m. · 15 views

Claroline 1.8.9 announcements/announcements.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 38 views

Claroline 1.8.9 course/index.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 17 views

Claroline 1.8.9 course_description/index.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 13 views

Claroline 1.8.9 document/document.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 12 views

Claroline 1.8.9 group/group_space.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 13 views

Claroline 1.8.9 calendar/agenda.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. · 16 views

Claroline 1.8.9 phpbb/reply.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1 AI score
Exploits 0
Packet Storm
added 2012/08/06 12:0 a.m. · 26 views

PolarisCMS Cross Site Scripting

PolarisCMS blog.aspx Remote URI Based Cross-Site Scripting Vulnerability Vendor: PolarisCMS Product web page: http://www.polariscms.com Affected version: 2012 Summary: PolarisCMS is a White Label CMS content management System providing more features, functions and flexibility to global web...

Exploits 0
Packet Storm
added 2012/01/04 12:0 a.m. · 19 views

Limny 3.0.1 Cross Site Scripting

Limny 3.0.1 login.php Remote URI Based Cross-Site Scripting Vulnerability Vendor: Hamidreza Samak Product web page: http://www.limny.org Affected version: 3.0.1 Summary: Limny is a free and open-source content management framework with a focus on ease to use and develop. It can be used as a stabl...

7.4 AI score
Exploits 0
Packet Storm
added 2010/12/16 12:0 a.m. · 19 views

PHP Universal Web Messenger Cross-Domain Redirect

http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-06 PR10-06 Cross-domain redirect on PGP Universal Web Messenger Advisory publicly released: Thursday, 16 December 2010 Vulnerability found: Wednesday, 10 February 2010 Vendor informed: Wednesday, 10 February 2010 Vulnerability...

7.4 AI score
Exploits 0
Packet Storm
added 2009/09/16 12:0 a.m. · 20 views

PaoLink 1.0 Cross Site Scripting

Pao-Link V.1.0 Remote URI XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://zenas.org Greetings : Mizoz, Zuka, str0ke,...

7.4 AI score
Exploits 0
Packet Storm
added 2009/09/16 12:0 a.m. · 26 views

PaoBacheca 2.1 Cross Site Scripting

PaoBacheca 2.1 Remote URI XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://zenas.org Greetings : Mizoz, Zuka, str0ke,...

Exploits 0
Packet Storm
added 2009/08/05 12:0 a.m. · 29 views

Mob Astro Cross Site Scripting


0.1 AI score
Exploits 0
Packet Storm
added 2009/08/05 12:0 a.m. · 23 views

Mob oLyrics Cross Site Scripting


Exploits 0
Exploit DB
added 2009/01/28 12:0 a.m. · 24 views

Autonomy Ultraseek - 'cs.html' Open Redirection

source: https://www.securityfocus.com/bid/33500/info Autonomy Ultraseek is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks...

7.4 AI score
Exploits 0
exploitpack
added 2009/01/28 12:0 a.m. · 14 views

Autonomy Ultraseek - cs.html Open Redirection

source: https://www.securityfocus.com/bid/33500/info Autonomy Ultraseek is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks...

Exploits 0