311 matches found
Joomla! Component Shoutbox Pro - Local File Inclusion
A directory traversal vulnerability in the Shoutbox Pro comshoutbox component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1534 info: name: Joomla! Component Shoutbox Pro - Local File Inclusion author: daffainf...
Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2023-1020 info: name: Steveas WP Live Chat Shoutbox = 1.4.2 - SQL...
CVE-2026-27178
MajorDoMo aka Major Domestic Module contains a stored cross-site scripting XSS vulnerability through method parameter injection into the shoutbox. The /objects/?method= endpoint allows unauthenticated execution of stored methods with attacker-controlled parameters. Default methods such as...
CVE-2026-27178
MajorDoMo aka Major Domestic Module contains a stored cross-site scripting XSS vulnerability through method parameter injection into the shoutbox. The /objects/?method= endpoint allows unauthenticated execution of stored methods with attacker-controlled parameters. Default methods such as...
CVE-2026-27178
CVE-2026-27178 (MajorDoMo) is a stored XSS vulnerability in MajorDoMo exposed via the /objects/?method= endpoint, permitting unauthenticated execution of stored methods with attacker-controlled parameters. The issue arises when default methods (e.g., ThisComputer.VolumeLevelChanged) pass the VALU...
CVE-2026-27178 MajorDoMo Stored Cross-Site Scripting via Method Parameters to Shoutbox
MajorDoMo aka Major Domestic Module contains a stored cross-site scripting XSS vulnerability through method parameter injection into the shoutbox. The /objects/?method= endpoint allows unauthenticated execution of stored methods with attacker-controlled parameters. Default methods such as...
CVE-2026-27178 MajorDoMo Stored Cross-Site Scripting via Method Parameters to Shoutbox
MajorDoMo aka Major Domestic Module contains a stored cross-site scripting XSS vulnerability through method parameter injection into the shoutbox. The /objects/?method= endpoint allows unauthenticated execution of stored methods with attacker-controlled parameters. Default methods such as...
PT-2026-20514
Name of the Vulnerable Software and Affected Versions MajorDoMo versions affected versions not specified Description The software contains a stored cross-site scripting XSS issue through method parameter injection into the shoutbox. The /objects/?method= API endpoint allows unauthenticated...
CVE-2009-4232
The Kide Shoutbox comkide component 0.4.6 for Joomla! does not properly perform authentication, which allows remote attackers to post messages with an arbitrary account name via an insertar action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely...
CVE-2025-58916
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...
EUVD-2025-35454
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...
CVE-2025-58916
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...
CVE-2025-58916 WordPress Author: Munzir plugin <= 0.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...
CVE-2025-58916 WordPress Author: Munzir plugin <= 0.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Munzir Author: Munzir myshouts-shoutbox allows Reflected XSS.This issue affects Author: Munzir: from n/a through = 0.9...
PT-2025-43272
Name of the Vulnerable Software and Affected Versions Munzir Author: Munzir versions prior to 0.9 Description A flaw exists in Munzir Author: Munzir myshouts-shoutbox that allows for Reflected Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...
EUVD-2006-5297
Malware in sbrugna...
EUVD-2005-0910
Malware in sbrugna...
EUVD-2010-4915
Malware in sbrugna...
EUVD-2010-1561
Malware in sbrugna...
EUVD-2005-1715
Malware in sbrugna...