u5cms v8.3.5 - Open Redirect

u5cms version 8.3.5 contains a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php. id: CVE-2022-32444 info: name: u5cms v8.3.5 - Open Redirect author: 0xAkoko severity: medium description: | u5cms version 8.3.5 contains a URL...

EUVD-2015-1708

Malware in sbrugna...

EUVD-2015-1707

Malware in sbrugna...

EUVD-2015-1710

Malware in sbrugna...

EUVD-2022-35516

Malicious code in bioql PyPI...

EUVD-2022-35514

Malicious code in bioql PyPI...

EUVD-2022-37839

Malicious code in bioql PyPI...

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

CVE-2022-32442

u5cms version 8.3.5 is vulnerable to Cross Site Scripting XSS. When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl 96502%27bad=", it can cause html injection...

CVE-2022-32444

An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php...

CVE-2015-1576

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to 1 copy2.php, 2 localize.php, 3 metai.php, 4 nc.php, 5 new2.php, or 6 rename2.php in u5admin/; 7 c parameter to u5admin/editor.php; 8 typ parameter to...

CVE-2015-1575

Multiple cross-site scripting XSS vulnerabilities in u5CMS before 3.9.4 allow remote attackers to inject arbitrary web script or HTML via the 1 c, 2 i, 3 l, or 4 p parameter to index.php; the 5 a or 6 b parameter to u5admin/cookie.php; the name parameter to 7 copy.php or 8 delete.php in u5admin/;...

CVE-2015-1577

Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a 1 .. dot dot or 2 full pathname in the f parameter...

CVE-2015-1578

Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 1 pidvesa cookie to u5admin/pidvesa.php or 2 uri parameter to u5admin/meta2.php...

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

Cross site request forgery (csrf)

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

CVE-2022-34937

Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery CSRF via the component savepage.php. This vulnerability allows attackers to execute arbitrary code...

CVE-2022-34937

CVE-2022-34937 affects Yuba u5cms v8.3.5 and is due to a Cross-Site Request Forgery vulnerability in the savepage.php component. This CSRF flaw is described as allowing attackers to execute arbitrary code. The NVD entry lists a high impact (C, I, A) with network attack vector and user interaction...