120 matches found
CVE-2023-5917
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...
CVE-2020-25875
A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...
CVE-2005-1655
AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service client crash via an invalid smiley icon location in the sml parameter of a font tag...
smiley-ev.de Cross Site Scripting vulnerability OBB-3830914
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2024-14038 · Stud.Ip · Stud.Ip
Name of the Vulnerable Software and Affected Versions: Stud.IP versions 5.x through 5.3.3 Description: The issue allows XSS with resultant upload of executable files because upload action and edit action in Admin SmileysController do not check the file extension. This leads to remote code executi...
phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pack leads to cross site scripting. The attack may be...
GHSA-GMX8-8RFF-QV6Q phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pack leads to cross site scripting. The attack may be...
CVE-2023-5917
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...
CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...
CVE-2023-5917
CVE-2023-5917 affects phpBB up to version 3.3.10, specifically the Smiley Pack Handler in phpBB/includes/acp/acp_icons.php. The issue arises from improper handling of the pak argument in the main() function, leading to cross-site scripting (XSS). The vulnerability can be exploited remotely. A fix...
CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...
CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting
A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...
PT-2023-32416 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB versions up to 3.3.10 Description: A problematic issue has been found in phpBB, affecting the function main of the file phpBB/includes/acp/acp icons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to...
SUSE CVE-2004-0784
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector...
SUSE CVE-2009-3085
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...
Codoforum cross-site scripting vulnerability (CNVD-2021-50176)
Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 5.0.2, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload with the "Smiley Code" parameter...
CVE-2020-25875
A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...
Codoforum 跨站脚本漏洞
Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 5.0.2, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload with the "Smiley Code" parameter...
CVE-2012-5558
Cross-site scripting XSS vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym...