CVE-2018-10319
Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet. Date published : 2018-04-23 https://github.com/philippe/FrogCMS/issues/7
Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata. Date published : 2018-04-23 https://github.com/philippe/FrogCMS/issues/6
Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow. Date published : 2018-04-23 https://bugzilla.nasm.us/show_bug.cgi?id=3392474 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the /index.php?m=member&f=index&v=profile&set_iframe=1 URI. Date published : 2018-04-23 https://www.exploit-db.com/exploits/44617/ https://github.com/wuzhicms/wuzhicms/issues/133
index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member. Date published : 2018-04-23 https://www.exploit-db.com/exploits/44504/ https://github.com/wuzhicms/wuzhicms/issues/132
A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the tag[pinyin] parameter to the /index.php?m=tags&f=index&v=add URI. Date published :...
The Responsive Cookie Consent plugin before 1.8 for WordPress mishandles number fields, leading to XSS. Date published : 2018-04-23 Responsive Cookie Consent https://www.exploit-db.com/exploits/44563/
The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions. Date published :...
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3. Date published : 2018-04-23 https://www.foxitsoftware.com/support/security-bulletins.php https://srcincite.io/advisories/src-2018-0020/
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9. Date published : 2018-04-23 https://www.foxitsoftware.com/support/security-bulletins.php https://srcincite.io/advisories/src-2018-0019/
Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an...
Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in an Instagram profile’s bio. Date...
An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized...
Authenticated Cross site Scripting exists in the User Profile & Membership plugin before 2.0.11 for WordPress via the "Account Deletion Custom Text" input field on the wp-admin/admin.php?page=um_options&section=account page. Date published : 2018-04-23 https://github.com/RiieCco/write-ups/tree/master/CVE-2018-10234 Ultimate...