93 matches found
CVE-2024-58309
xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries by injecting malicious SQL code through the msgid parameter. Attackers can send crafted requests to /shoutedit.php with EXTRACTVALUE functions to extract database...
EUVD-2018-9612
Malware in sbrugna...
EUVD-2018-7551
Malware in sbrugna...
EUVD-2018-7549
Malware in sbrugna...
EUVD-2018-7547
Malware in sbrugna...
EUVD-2018-7550
Malware in sbrugna...
EUVD-2018-7554
Malware in sbrugna...
EUVD-2018-7553
Malware in sbrugna...
EUVD-2018-7548
Malware in sbrugna...
EUVD-2021-32539
Malicious code in bioql PyPI...
EUVD-2021-32540
Malicious code in bioql PyPI...
CVE-2021-45822
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...
CVE-2021-45821
A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...
Xbtit SQL Injection Vulnerability
Xbtit is an open source tracker software. version 3.1 of Xbtit is vulnerable to SQL injection, which stems from a missing filter escape for SQL statements in the sid parameter of the ajaxchat/getHistoryChatData.php file. An attacker could exploit this vulnerability to extract sensitive data such ...
Xbtit Cross-Site Scripting Vulnerability
Xbtit is a tracker software. A cross-site scripting vulnerability exists in Xbtit version 3.1. The vulnerability occurs when /ajaxchat/sendChatData.php fails to properly validate the value of the "n" POST parameter. An attacker could exploit this vulnerability to execute malicious JavaScript code...
CVE-2021-45822
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...
CVE-2021-45822
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...
Cross site scripting
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...
CVE-2021-45822
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...
CVE-2021-45822
CVE-2021-45822 describes a stored XSS in Xbtit 3.1 where the request to /ajaxchat/sendChatData.php does not properly validate the n (POST) parameter. This vulnerability allows an attacker to inject and execute malicious JavaScript code, per multiple connected sources (e.g., NVD/Red Hat/CNVD varia...