Security
Headlines
HeadlinesLatestCVEs

Tag

#php

GHSA-5xq3-7mw9-wj5p: Cross Site Scripting in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

ghsa
Open in Source
#xss#git#php
GHSA-5mf7-p346-7rm8: Cross Site Scripting in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

CVE-2023-2551: Bug Fixing · unilogies/bumsys@86e29dd

PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.

CVE-2023-2550: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@20ac515

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

CVE-2023-2427: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@514f4df

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

CVE-2023-2516: 3.0.7 · nilsteampassnet/TeamPass@39b774c

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.

Online Pizza Ordering System 1.0 Shell Upload

Online Pizza Ordering System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.

UliCMS 2023-1 Sniffing-Vicuna Shell Upload

UliCMS version 2023-1 Sniffing-Vicuna suffers from a remote shell upload vulnerability.

UliCMS 2023-1 Sniffing-Vicuna Cross Site Scripting

UliCMS version 2023-1 Sniffing-Vicuna suffers from a persistent cross site scripting vulnerability.

File Thingie 2.5.7 Shell Upload

File Thingie version 2.5.7 remote shell upload exploit. This exploit is based on the vulnerability priorly discovered by Cakes in September of 2019.