CVE-2025-12400

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2. This is due to missing or incorrect nonce validation on the managepage function. This makes it possible for unauthenticated attackers to update settings and inject...

WordPress LMB^Box Smileys plugin <= 3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin LMB^Box Smileys versions = 3.2...

CVE-2025-12400

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2. This is due to missing or incorrect nonce validation on the managepage function. This makes it possible for unauthenticated attackers to update settings and inject...

CVE-2025-12400 LMB^Box Smileys <= 3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2. This is due to missing or incorrect nonce validation on the managepage function. This makes it possible for unauthenticated attackers to update settings and inject...

CVE-2025-12400 LMB^Box Smileys <= 3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2. This is due to missing or incorrect nonce validation on the managepage function. This makes it possible for unauthenticated attackers to update settings and inject...

CVE-2025-12400

CVE-2025-12400 concerns the WordPress plugin LMB^Box Smileys. The vulnerability is a CSRF to Stored XSS in all versions up to 3.2, caused by missing or incorrect nonce validation in the plugin’s manage_page() function. As described, unauthenticated attackers can cause a site administrator to perf...

WordPress plugin LMB Box Smileys 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...

EUVD-2010-0454

Malware in sbrugna...

Stud.IP Cross-Site Scripting Vulnerability

Stud.IP is an open source learning and information management system for universities, education and applications from Sourceforge. A cross-site scripting vulnerability exists in Stud.IP versions prior to 5.3.4, 5.2.6, 5.1.7, and 5.0.9, which stems from the fact that uploadaction, editaction in t...

PT-2024-14038 · Stud.Ip · Stud.Ip

Name of the Vulnerable Software and Affected Versions: Stud.IP versions 5.x through 5.3.3 Description: The issue allows XSS with resultant upload of executable files because upload action and edit action in Admin SmileysController do not check the file extension. This leads to remote code executi...

SUSE CVE-2010-0423

gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service CPU consumption and application hang by sending many smileys in a 1 IM or 2 chat...

CVE-2020-25875

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

CVE-2020-25875

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

Cross site scripting

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

CVE-2020-25875

A stored cross site scripting XSS vulnerability in the 'Smileys' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Smiley Code' parameter...

Text Smileys Minis ™ - Customized SSL, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Text Smileys Minis ™ published at the 'play' market has multiple vulnerabilities...

Animated Smileys for Whatsapp - Dangerous filesystem permissions, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Animated Smileys for Whatsapp published at the 'play' market has multiple vulnerabilities...

Smileys for Whatsapp - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Smileys for Whatsapp published at the 'play' market has multiple vulnerabilities...

WhatsLov love smileys for chat - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application WhatsLov love smileys for chat published at the 'play' market has multiple vulnerabilities...

Smileys whats App - Dynamic Code Loading, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Smileys whats App published at the 'play' market has multiple vulnerabilities...