8 matches found
EUVD-2021-25148
Malware in sbrugna...
CVE-2021-38710
Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...
CVE-2021-38710
Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...
CVE-2021-38710
Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...
Cross site scripting
Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...
CVE-2021-38710
Static Persistent XSS Vulnerability exists in version 4.3.0 of Yclas when using the install/view/form.php script. An attacker can store XSS in the database through the vulnerable SITENAME parameter...
CVE-2021-38710
CVE-2021-38710 affects Yclas v4.3.0 via the install/view/form.php script. The vulnerability is a stored XSS that allows attackers to place malicious input into SITE_NAME, with the payload being persisted in the database. Affected component is the SITE_NAME parameter in the vulnerable form workflo...
Github yclas 跨站脚本漏洞
Github yclas is a powerful script that can convert any domain into a fully customizable classified ads site in seconds. A cross-site scripting vulnerability exists in Yclas version 4.3.0, which stems from the fact that the software's install/view/form.php does not validate and escape the SITENAME...