10 matches found
CVE-2024-26471
A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...
CVE-2020-20588
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...
PT-2024-27682 · Unknown · Zhimengzhe Ibarn
Name of the Vulnerable Software and Affected Versions: zhimengzhe iBarn version 1.5 Description: A reflected cross-site scripting XSS issue was discovered, which can be exploited via the search parameter at the "/index.php" API endpoint. This allows for potentially malicious scripts to be execute...
CVE-2024-26471
A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...
CVE-2024-26471
A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...
CVE-2024-26471
CVE-2024-26471 describes a reflected cross-site scripting (XSS) vulnerability in the zhimengzhe iBarn v1.5, exploitable via the search parameter in offer.php. The documented risk is that an attacker could inject malicious JavaScript into a victim’s browser, enabling script execution in the contex...
CVE-2024-26471
A reflected cross-site scripting XSS vulnerability in zhimengzhe iBarn v1.5 allows attackers to inject malicious JavaScript into the web browser of a victim via the search parameter in offer.php...
CVE-2020-20588
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...
CVE-2020-20588
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php...
CVE-2020-20588
CVE-2020-20588 affects zhimengzhe iBarn 1.5 via a file upload vulnerability in the upload function of action/Core.class.php, allowing remote code execution through avatar uploads to index.php. The NVD/NIST entry scores it CVSS 3.1 Base Score 8.8 (High) with network access, low attack complexity, ...