25 matches found
CVE-2023-53904
Xenforo 2.2.13 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the smilie category title parameter. Attackers can create a smilie category with a malicious script that will execute when the admin panel is loaded,...
EUVD-2023-60226
Xenforo 2.2.13 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the smilie category title parameter. Attackers can create a smilie category with a malicious script that will execute when the admin panel is loaded,...
CVE-2023-53904
Xenforo 2.2.13 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the smilie category title parameter. Attackers can create a smilie category with a malicious script that will execute when the admin panel is loaded,...
CVE-2023-53904 Xenforo 2.2.13 Authenticated Stored Cross-Site Scripting via Smilie Categories
Xenforo 2.2.13 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the smilie category title parameter. Attackers can create a smilie category with a malicious script that will execute when the admin panel is loaded,...
CVE-2023-53904 Xenforo 2.2.13 Authenticated Stored Cross-Site Scripting via Smilie Categories
Xenforo 2.2.13 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the smilie category title parameter. Attackers can create a smilie category with a malicious script that will execute when the admin panel is loaded,...
CVE-2023-53904
CVE-2023-53904 affects XenForo 2.2.13: authenticated administrators can trigger a stored XSS via the smilie category title parameter, with scripts executing when the admin panel loads. Public detail confirms the issue, its stored nature, and that the vulnerability is exploitable in the admin cont...
Xenforo 跨站脚本漏洞
Xenforo is a forum software from Xenforo, Inc. A cross-site scripting vulnerability exists in Xenforo version 2.2.13, which stems from improper cleaning of the smilie category header parameter and could lead to a stored cross-site scripting attack...
PT-2025-51942
Name of the Vulnerable Software and Affected Versions Xenforo version 2.2.13 Description The software contains a stored cross-site scripting issue. Authenticated administrators can inject malicious scripts through the smilie category title parameter. Creating a smilie category with a malicious...
EUVD-2017-17067
Malware in sbrugna...
EUVD-2020-17814
Malware in sbrugna...
vBulletin Cross-Site Scripting Vulnerability (CNVD-2020-50940)
vBulletin is a suite of forum programs that can be customized to suit your needs. A cross-site scripting vulnerability exists in the Admin CP in vBulletin 5.6.3. The vulnerability can be exploited by an attacker to conduct a cross-site scripting attack via the Smilie title of Smilies Manager...
CVE-2020-25123
The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager...
Microsoft Skype Mobile v8.x - Emoticons DoS Vulnerability
Document Title: =============== Microsoft Skype Mobile v8.x - Emoticons DoS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2116 Video: https://www.vulnerability-lab.com/getcontent.php?id=2117 MSRC ID: 43520 CRM:0461036906 Acknowledgements...
MyBB Directory Traversal Vulnerability (CNVD-2017-06579)
MyBB is a popular web-based very good free forum software developed with PHP and MySQL. A directory traversal vulnerability exists in the smilie module in MyBB versions prior to 1.8.11. The vulnerability can be exploited to browse files with the 'pathfolder' parameter...
CVE-2017-8104
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter...
CVE-2017-8104
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter...
Directory traversal
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter...
CVE-2017-8104
In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter...
CVE-2017-8104
CVE-2017-8104 pertains to MyBB versions prior to 1.8.11, where the smilie module contains a directory traversal vulnerability via the pathfolder parameter. The vulnerability arises in the smilie module’s handling of user-supplied path information, allowing an attacker to traverse directories and ...
MyBB smilie Module 1.8.11 - pathfolder Directory Traversal
MyBB smilie Module 1.8.11 - pathfolder Directory Traversal Description: ============ product: MyBB Homepage: https://mybb.com/ vulnerable version: input'pathfolder'; Line 327 $dir = @opendirMYBBROOT.$path; if we input "pathfolder" to "../../bypass/smile",Directory Traversal success! ============...