CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41450
https://notcve.org/view.php?id=CVE-2023-41450
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro reque. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41446
https://notcve.org/view.php?id=CVE-2023-41446
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component. Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado para el parámetro de título en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41447
https://notcve.org/view.php?id=CVE-2023-41447
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component. Vulnerabilidad de Cross-Site Scriptings en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro subcmd en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/56b9fe4dcc3a248d4288bde5ffb3a5b3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41453
https://notcve.org/view.php?id=CVE-2023-41453
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component. Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro cmd en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/be2ca92cb1f943d4c340c75fbfc9b783 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-41448
https://notcve.org/view.php?id=CVE-2023-41448
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component. Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro ID en el componente index.php. • http://ajaxnewsticker.com http://phpkobo.com https://gist.github.com/RNPG/458e17f24ebf7d8af3c5c4d7073347a0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •