Page 74 of 373 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. Scripting de sitio cruzado en PostCalendar 3.02 permite que atacantes remotos inserten HTML arbitrario y script, y roben cookies, modificando una entrada de calendario en su página "preview". • http://archives.neohapsis.com/archives/bugtraq/2002-04/0288.html http://www.iss.net/security_center/static/8899.php http://www.securityfocus.com/bid/4563 •

CVSS: 5.0EPSS: 4%CPEs: 6EXPL: 4

Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title. • https://www.exploit-db.com/exploits/21401 https://www.exploit-db.com/exploits/21403 http://online.securityfocus.com/archive/1/267936 http://www.iss.net/security_center/static/8881.php http://www.securityfocus.com/bid/4559 http://www.securityfocus.com/bid/4561 https://exchange.xforce.ibmcloud.com/vulnerabilities/8884 •

CVSS: 2.6EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter. • http://online.securityfocus.com/archive/1/245691 http://online.securityfocus.com/archive/82/243545 http://www.iss.net/security_center/static/7654.php http://www.securityfocus.com/bid/3609 •

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it. • http://marc.info/?l=bugtraq&m=100638850219503&w=2 http://www.securityfocus.com/bid/3567 https://exchange.xforce.ibmcloud.com/vulnerabilities/7596 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 2

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter. • https://www.exploit-db.com/exploits/21119 http://archives.neohapsis.com/archives/bugtraq/2001-10/0088.html http://archives.neohapsis.com/archives/bugtraq/2001-10/0091.html http://www.kb.cert.org/vuls/id/921547 http://www.securityfocus.com/bid/3435 https://exchange.xforce.ibmcloud.com/vulnerabilities/7280 •