8 results (0.012 seconds)

CVSS: 10.0EPSS: 13%CPEs: 1EXPL: 3

A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and execute remote code on the operating system.) Una vulnerabilidad de inyección SQL en la función get_topic_info() en el archivo sys/CODOF/Forum/Topic.php en Codoforum versiones anteriores a 4.9, permite a atacantes remotos (autenticación previa) omitir la página de administración por medio de un token de restablecimiento de contraseña filtrado del administrador. (Como administrador, un atacante puede cargar un shell PHP y ejecutar código remoto en el sistema operativo) • http://codologic.com/forum https://blog.sonarsource.com/codoforum-4.8.7-critical-code-vulnerabilities-explained https://community.sonarsource.com/c/announce/stories/23 https://community.sonarsource.com/t/codoforum-4-8-7-critical-code-vulnerabilities-explained/28297 https://github.com/SmashITs https://twitter.com/sonarsource/status/1300818196090384384 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.' Codoforum versión 4.8.3, permite una inyección de HTML en el "admin dashboard Manage users Section" • https://codoforum.com https://vyshnavvizz.blogspot.com/2020/01/html-injection-in-codoforum-v483.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creating a new topic as a normal user, it is possible to add a poll that is automatically loaded in the DOM once the thread/topic is opened. Because session cookies lack the HttpOnly flag, it is possible to steal authentication cookies and take over accounts. Codologic Codoforum versiones hasta 4.8.4, permite un ataque de tipo XSS basado en DOM. Mediante la creación de un nuevo tema como un usuario normal, es posible agregar una encuesta que se carga automáticamente en el DOM una vez que thread/topic es abierto. • https://codologic.com/forum/index.php?u=/topic/12638/codoforum-4-8-8-released-and-the-future#post-23845 https://www.linkedin.com/posts/polina-voronina-896819b5_discovered-by-polina-voronina-jan-15-activity-6634436086540054528-dDgg • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Codologic Codoforum through 4.8.4 allows stored XSS in the login area. This is relevant in conjunction with CVE-2020-5842 because session cookies lack the HttpOnly flag. The impact is account takeover. Codologic Codoforum hasta la versión 4.8.4 permite XSS almacenado en el área de inicio de sesión. Esto es relevante en conjunción con CVE-2020-5842 porque las cookies de sesión carecen del indicador HttpOnly. • https://codologic.com/forum/index.php?u=/topic/12638/codoforum-4-8-8-released-and-the-future#post-23845 https://www.linkedin.com/posts/polina-voronina-896819b5_discovered-by-polina-voronina-jan-15-activity-6634436086540054528-dDgg • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. The payload is, for example, executed on the admin/index.php?page=users/manage page. Codoforum versión 4.8.3, permite un ataque de tipo XSS en la página de registro de usuario: por medio del campo username en el URI index.php? • https://medium.com/%40prasanthc41m/cve-2020-5842-stored-xss-vulnerability-in-codoforum-4-8-3-b2e1133c6a91 https://www.exploit-db.com/exploits/47876 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •