Lucene search
+L

120 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:41 a.m.12 views

CVE-2023-5917

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...

6.1CVSS6.2AI score0.00523EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.9 views

CVE-2020-25875

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

5.4CVSS5.5AI score0.00507EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/21 8:18 p.m.10 views

CVE-2005-1655

AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service client crash via an invalid smiley icon location in the sml parameter of a font tag...

5CVSS7AI score0.02414EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2024/01/10 10:45 a.m.5 views

smiley-ev.de Cross Site Scripting vulnerability OBB-3830914

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/08 12:0 a.m.3 views

PT-2024-14038 · Stud.Ip · Stud.Ip

Name of the Vulnerable Software and Affected Versions: Stud.IP versions 5.x through 5.3.3 Description: The issue allows XSS with resultant upload of executable files because upload action and edit action in Admin SmileysController do not check the file extension. This leads to remote code executi...

9CVSS9.2AI score0.01286EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2023/11/02 12:30 p.m.27 views

phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pack leads to cross site scripting. The attack may be...

6.1CVSS6.1AI score0.00523EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2023/11/02 12:30 p.m.6 views

GHSA-GMX8-8RFF-QV6Q phpBB's Smiley Pack acp_icons.php main pack vulnerable to cross site scripting

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pack leads to cross site scripting. The attack may be...

4.8CVSS6AI score0.00523EPSS
Exploits0References9
NVD
NVD
added 2023/11/02 11:15 a.m.17 views

CVE-2023-5917

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...

6.1CVSS4.2AI score0.00523EPSS
Exploits0References6
Prion
Prion
added 2023/11/02 11:15 a.m.16 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...

3.3CVSS6AI score0.00523EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/02 10:31 a.m.8 views

CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...

3.3CVSS6AI score0.00523EPSS
Exploits0References6
CVE
CVE
added 2023/11/02 10:31 a.m.120 views

CVE-2023-5917

CVE-2023-5917 affects phpBB up to version 3.3.10, specifically the Smiley Pack Handler in phpBB/includes/acp/acp_icons.php. The issue arises from improper handling of the pak argument in the main() function, leading to cross-site scripting (XSS). The vulnerability can be exploited remotely. A fix...

6.1CVSS4.7AI score0.00523EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2023/11/02 10:31 a.m.35 views

CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...

3.3CVSS6.2AI score0.00523EPSS
Exploits0References6
OSV
OSV
added 2023/11/02 10:31 a.m.12 views

CVE-2023-5917 phpBB Smiley Pack acp_icons.php main cross site scripting

A vulnerability, which was classified as problematic, has been found in phpBB up to 3.3.10. This issue affects the function main of the file phpBB/includes/acp/acpicons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to cross site scripting. The attack may be...

2.4CVSS3.9AI score0.00523EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.9 views

PT-2023-32416 · Phpbb · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB versions up to 3.3.10 Description: A problematic issue has been found in phpBB, affecting the function main of the file phpBB/includes/acp/acp icons.php of the component Smiley Pack Handler. The manipulation of the argument pak leads to...

6.1CVSS4AI score0.00523EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.3 views

SUSE CVE-2004-0784

The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector...

7.5CVSS7.8AI score0.02336EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3085

The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service application crash via XHTML-IM content with cid: images...

5CVSS6.8AI score0.0169EPSS
Exploits0References5
CNVD
CNVD
added 2021/07/13 12:0 a.m.5 views

Codoforum cross-site scripting vulnerability (CNVD-2021-50176)

Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 5.0.2, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload with the "Smiley Code" parameter...

5.4CVSS6.3AI score0.00507EPSS
Exploits1References1
OSV
OSV
added 2021/07/09 10:15 p.m.5 views

CVE-2020-25875

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

5.4CVSS5.6AI score0.00507EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/09 12:0 a.m.4 views

Codoforum 跨站脚本漏洞

Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 5.0.2, which can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload with the "Smiley Code" parameter...

5.4CVSS5.6AI score0.00507EPSS
Exploits1References3
NVD
NVD
added 2020/01/09 9:15 p.m.14 views

CVE-2012-5558

Cross-site scripting XSS vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym...

4.8CVSS4.8AI score0.00963EPSS
Exploits0References4
Rows per page
Query Builder