Cross-site Scripting (XSS)

xataface is vulnerable to cross-site scripting. The vulnerability exists in installform.js.php due to lack of sanitization in the php elements which allows an attacker to inject and execute malicious javascript...

GHSA-64WV-C7JW-JW2Q Xataface vulnerable to Cross-site Scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

Xataface vulnerable to Cross-site Scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2021-4303

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2021-4303

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2021-4303

CVE-2021-4303 affects Xataface (PHP/MySQL) up to version 2.x, specifically the Installer component’s install_form.js.php testftp function. The issue enables cross-site scripting (XSS) due to lack of input sanitization. Impact is described as remote attack with no/low privilege required and user i...

CVE-2021-4303 shannah Xataface Installer install_form.js.php testftp cross site scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2021-4303 shannah Xataface Installer install_form.js.php testftp cross site scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

Xataface 跨站脚本漏洞

Xataface is a framework for building rich data-driven applications in PHP and MySQL by Steve Hannah, a personal developer. A cross-site scripting vulnerability in Xataface 2.x and prior versions, which stems from the testftp function in the install/installform.js.php file of its Installer...

PT-2023-12407 · Shannah · Xataface

Name of the Vulnerable Software and Affected Versions: shannah Xataface versions up to 2.x Description: A problematic issue has been found in the function testftp of the file install/install form.js.php of the component Installer, leading to cross site scripting. The attack may be launched...

xataface.com Cross Site Scripting vulnerability OBB-2537717

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cross-site Scripting (XSS) - Reflected in shannah/xataface

Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...

Xataface Admin Auth Bypass Vulnerability

No description provided by source. ======================================================= Xataface Admin Auth Bypass Vulnerability ======================================================= + Discovered by : Xinapse + Site : firewire-security.com + Email : [email protected]...

Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities

No description provided by source. Title : Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities. Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://xataface.com/ Advisory : http://secpod.org/blog/?p=350...

Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities

Xataface WebAuction/Librarian DB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities

Title : Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities. Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://xataface.com/ Advisory : http://secpod.org/blog/?p=350 http://secpod.org/advisories/SECPODXatafaceWebauctionMultVuln.txt Software : Xataface...

Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities

Xataface WebAuction and Xataface Librarian DB - Multiple Vulnerabilities Title : Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities. Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://xataface.com/ Advisory : http://secpod.org/blog/?p=350...

Xataface WebAuction / Librarian DB XSS / LFI / SQL Injection

Title : Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities. Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://xataface.com/ Advisory : http://secpod.org/blog/?p=350 http://secpod.org/advisories/SECPODXatafaceWebauctionMultVuln.txt Software : Xataface...

Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities

Exploit for php platform in category web applications Title : Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities. Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://xataface.com/ Advisory : http://secpod.org/blog/?p=350...