CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

CVE-2022-34561

A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...

PT-2024-11592 · Phpfox · Phpfox

Name of the Vulnerable Software and Affected Versions: PHPFox version 4.8.9 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter. Recommendations: For PHPFox version 4.8.9,...

phpFox 跨站脚本漏洞

phpFox is a social networking platform from phpFox Inc. A cross-site scripting vulnerability exists in phpFox version v4.8.9, which originated from a vulnerability that allows attackers to execute arbitrary web script or HTML via the video description parameter with a crafted payload...

CVE-2021-24471

The YouTube Embed WordPress plugin before 5.2.2 does not validate, escape or sanitise some of its shortcode attributes, leading to Stored XSS issues by 1. using w, h, controls, cclang, color, language, start, stop, or style parameter of youtube shortcode, 2. by using style, class, rel, target,...