EUVD-2020-21527

Malware in sbrugna...

EUVD-2020-21528

Malware in sbrugna...

CVE-2020-29146

A cross site scripting XSS vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For field to the header...

CVE-2020-29147

A SQL injection vulnerability in wycontrolls/wysidevisitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information...

The vulnerability of the index.php implementation of the Wayang CMS allows attackers to carry out cross-site scripting attacks.

The vulnerability of the index.php implementation of the Wayang CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by executing malicious payloads using a specially...

CVE-2020-29146

A cross site scripting XSS vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For field to the header...

CVE-2020-29147

A SQL injection vulnerability in wycontrolls/wysidevisitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information...

CVE-2020-29147

A SQL injection vulnerability in wycontrolls/wysidevisitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information...

CVE-2020-29146

A cross site scripting XSS vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For field to the header...

Cross site scripting

A cross site scripting XSS vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For field to the header...

Sql injection

A SQL injection vulnerability in wycontrolls/wysidevisitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information...

CVE-2020-29147

A SQL injection vulnerability in wycontrolls/wysidevisitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information...

CVE-2020-29147

CVE-2020-29147 is a SQL injection vulnerability in Wayang-CMS v1.0 affecting the file wy_controlls/wy_side_visitor.php. The root cause is improper handling of input leading to unauthorized database access, capable of exposing sensitive information. Publicly available documents consistently state ...

CVE-2020-29146

CVE-2020-29146 affects Wayang-CMS v1.0, where an XSS flaw exists in index.php that can be triggered by a crafted payload via the X-Forwarded-For header. The connected documents confirm the vulnerability target (Wayang-CMS 1.0, index.php) and the mechanism (XSS through header manipulation). The Re...

CVE-2020-29146

A cross site scripting XSS vulnerability in index.php of Wayang-CMS v1.0 allows attackers to execute arbitrary web scripts or HTML via a constructed payload created by adding the X-Forwarded-For field to the header...

PT-2021-11648 · Unknown · Wayang-Cms

Name of the Vulnerable Software and Affected Versions: Wayang-CMS version 1.0 Description: A SQL injection issue in the wy controlls/wy side visitor.php file allows attackers to obtain sensitive database information. Recommendations: For Wayang-CMS version 1.0, consider restricting access to the ...

PT-2019-6068 · Wayang · Wayang-Cms

Name of the Vulnerable Software and Affected Versions: Wayang-CMS version 1.0 Description: A cross-site scripting XSS issue in the index.php file of Wayang-CMS allows attackers to execute arbitrary web scripts or HTML by adding a specially crafted X-Forwarded-For field to the header. This can...