4 matches found
GHSA-F6MH-79VH-2HV7 Cross-site Scripting in Moodle Chat
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's UsingChat page says "If you know some HTML code, you can use it in your text to do things like insert image...
ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
No description provided by source. If eval is the answer, then you are asking the wrong question. --Unknowen ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval cart$action;;...
iG Shop 1.0 (eval/sql injection) Multiple Remote Vulnerabilities
No description provided by source. "If eval is the answer, then you are asking the wrong question." --Unknowen ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval "cart$action;";...
iG Calendar 1.0 (user.php id variable) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================================= iG Calendar 1.0 user.php id variable Remote SQL Injection Vulnerability ========================================================================= SQL Injection in...