Page 2 of 9 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro reque. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component. Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro txt en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component. Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro cmd en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/be2ca92cb1f943d4c340c75fbfc9b783 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component. Vulnerabilidad de Cross Site Request Forgery en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro txt en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367 • CWE-352: Cross-Site Request Forgery (CSRF) •