EUVD-2007-0844

Malware in sbrugna...

EUVD-2007-0843

Malware in sbrugna...

CVE-2024-21623

OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "Analysis - SonarCloud" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and...

CVE-2024-21623 Arbitrary Expression Injection in github workflow leads to Command execution & leaking secrets

OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "Analysis - SonarCloud" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and...

Cross site scripting

Cross-site scripting XSS vulnerability in forum.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter...

CVE-2007-0847

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php...

CVE-2007-0846

Cross-site scripting XSS vulnerability in forum.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter...

CVE-2007-0847

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php...

CVE-2007-0847

Open Tibia Server CMS (OTSCMS) up to version 2.1.5 is affected by a SQL injection in mod/PM/reply.php, exploitable via the id parameter to priv.php. This allows remote attackers to execute arbitrary SQL commands. The affected component is the web-based CMS for OTSCMS; root cause is improper handl...

CVE-2007-0846

CVE-2007-0846 is an XSS vulnerability in Open Tibia Server CMS (OTSCMS) ≤ 2.1.5, exploitable via the name parameter in forum.php. The underlying issue is improper input handling that allows arbitrary HTML/script injection, enabling an attacker to influence pages viewed by other users. The CVSS ba...

CVE-2006-5547

The CVE-2006-5547 entry concerns OTSCMS (Open Tibia Server Content Management System) versions 1.0.0 through 1.0.3. A PHP remote file inclusion flaw exists in OTSCMS.php via a crafted URL assigned to GLOBALS[config][otscms][directories][includes], enabling an attacker to execute arbitrary PHP cod...

CVE-2006-5546

CVE-2006-5546 affects OTSCMS (Open Tibia Server Content Management System) versions 1.3.0 through 1.4.1. The vulnerability is a PHP remote file inclusion in OTSCMS/OTSCMS.php that allows remote attackers to execute arbitrary PHP code via a URL supplied in the GLOBALS[config][otscms][directories][...

CVE-2006-5548

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 2.0.0 through 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigdirectoriesclasses parameter...