EUVD-2015-3072

Malware in sbrugna...

CVE-2015-2989

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

CVE-2015-2989

CVE-2015-2989 (LEMON-S PHP Twit BBS) is a cross-site scripting (XSS) vulnerability in the index.php script caused by unsafely processing the imagetitle parameter. The affected software is the Twit BBS PHP-based bulletin board. Impact as stated: remote attackers can inject arbitrary web script or ...

CVE-2015-2989

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

Twit BBS vulnerable to cross-site scripting

Overview Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of imagetitle parameter in index.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

JVN#77193915: Twit BBS vulnerable to cross-site scripting

Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of imagetitle parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Twit BBS Twit BBS is no longer being developed or...