The web interface of the VDSL Client Modem ALL-BM100VDSL2 is vulnerable to reflected as well as persistent XSS. A privileged user account is required to exploit the persistent XSS vulnerability but this can be bypassed via CSRF.
pfsense is an open source firewall. The web interface is written in PHP. In version 2.3.2-RELEASE (amd64), it is vulnerable to reflected XSS. XSS can lead to disclosure of cookies, session tokens etc.
HumHub is a social media platform written in PHP. In version 1.0.1 and earlier, it is vulnerable to a reflected XSS attack if debugging is enabled, as well as a self-XSS attack. This allows an attacker to steal cookies, inject JavaScript keyloggers, or bypass CSRF protection.
phplist is an application to manage newsletters, written in PHP. In version 3.2.6, it is vulnerable to reflected and persitent Cross Site Scripting vulnerabilities. The persistent XSS vulnerability is only exploitable by users with specific privileges and may be used for escalating privileges.
Elefant is a content managment system written in PHP. In version 1.3.12-RC, it is vulnerable to multiple persistent as well as a reflected XSS issue. To exploit these vulnerabilities a user account is required most of the time but registration is open by default. XSS allows an attacker to steal cookies, inject JavaScript keyloggers, or bypass CSRF protection.
Plone is an open source CMS written in python. In version 5.0.5, the Zope Management Interface (ZMI) component is vulnerable to reflected XSS as it does not properly encode double quotes.
MyLittleForum is forum software written in PHP. In version 2.3.6.1, it is vulnerable to reflected cross site scripting as well as relative path overwrite. XSS can be used to steal cookies, inject JavaScript keyloggers, or bypass CSRF protection, and RPO may lead to CSS injection.
SPIP is a content management system written in PHP. In version 3.1, it is vulnerable to a persistent as well as reflected cross site scripting vulnerability as it allows users to enter URLs containing the JavaScript protocol, which an attacker can exploit to steal cookies, inject JavaScript keylogger, or bypass CSRF protection. Additionally, it contains a Host Header Injection which may lead to the leakage of password reset tokens and thus the compromisation of user accounts. Finally, the application discloses httpOnly cookies, making exploitation of XSS issues slightly easier.
Mezzanine is an open source CMS written in python. In version 4.2.0, it is vulnerable to two persistent XSS attacks, one of which requires extended privileges, the other one does not. These issues allow an attacker to steal cookies, inject JavaScript keyloggers, or bypass CSRF protection.
MoinMoin is an open source Wiki application written in python. In version 1.9.8, it is vulnerable to two persistent XSS issues. This allows an attacker to steal cookies, inject JavaScript keyloggers, or bypass CSRF protection.
FUDforum is forum software written in PHP. In version 3.0.6, it is vulnerable to multiple persistent XSS issues. This allows an attacker to steal cookies, inject JavaScript keyloggers, or bypass CSRF protection. Additionally, FUDforum is vulnerable to Login-CSRF.
This article will provide a short overview of the security implications of treating POST and GET requests interchangeably, thus allowing a POST to GET downgrade. It will conclude with possible solutions.
Kajona is an open source CMS written in PHP. In version 4.7, it is vulnerable to multiple XSS attacks and limited directory traveral. The XSS vulnerabilities are reflected as well as persistent, and can lead to the stealing of cookies, injection of keyloggers, or the bypassing of CSRF protection. The directory travseral issue gives information about which files exist on a system, and thus allows an attacker to gather information about a system.
MyBB is forum software written in PHP. In version 1.8.6, it contains various XSS vulnerabilities, some of which are reflected and some of which are persistent. Some of them depend on custom forum or server settings. These issues may lead to the injection of JavaScript keyloggers, injection of content such as ads, or the bypassing of CSRF protection, which would for example allow the creation of a new admin user.
Oxwall is a social networking software written in PHP. In version 1.8.0, it is vulnerable to multiple XSS attacks and a persistent open redirect. The XSS vulnerabilities are reflected as well as persistent, and can lead to the stealing of cookies, injection of keyloggers, or the bypassing of CSRF protection.
PivotX is vulnerable to reflected XSS.
There are various XSS vulnerabilities in Atutor 2.2.
There are multiple XSS vulnerabilities in DYNPG 4.6.
There is a reflected XSS vulnerability in Wolf CMS v0.8.3.1.
There are multiple XSS vulnerabilities in Xoops 2.5.7.1.
PhpSocial v2.0.0304 is vulnerable to persistent XSS.
There is a reflected XSS vulnerability in Arastta 1.1.5.
Grawlix 1.0.3 has multiple reflected XSS vulnerabilities.
There are two reflected XSS and one open redirect vulnerability in CouchCMS 1.4.5.
There is a reflected XSS vulnerability in the search of esoTalk 1.0.0g4.
There are multiple XSS vulnerabilities in 4images 1.7.12.
There is an XSS vulnerability in CodoForum 3.4.
There is a reflected XSS vulnerability in the installation script of Geeklog 2.1.0.
There is a persistent XSS vulnerability in redaxscript 2.5.0. It requires the victim to hover over a link to trigger.
There are two reflected XSS vulnerabilities in appRain 4.0.3.
There are multiple XSS vulnerabilities in LiteCart 1.3.2.
There are multiple XSS vulnerabilities in ClipperCMS 1.3.0.
There is a persistent XSS vulnerability in dotclear 2.8.1.
There are two reflected XSS vulnerabilities in Open Source Social Network 3.5.
There is a reflected XSS vulnerability in Sitemagic CMS 4.1.
There is a reflected XSS vulnerability in Thelia 2.2.1.
There are two XSS vulnerabilities in TomatoCart v1.1.8.6.1.
There are multiple XSS vulnerabilities in XCart 5.2.6.
There are multiple XSS vulnerabilities in TheHostingTool 1.2.6.
There are multiple XSS vulnerabilities in Quick.Cart 6.6.
There are multiple XSS vulnerabilities in the admin area of CubeCart 6.0.7.
There is an XSS vulnerability in Supercali Event Calendar 1.0.8. This issue has not been fixed.
There are multiple XSS vulnerabilities in SQLiteManager 1.2.4. This issue has not been fixed.
There is an XSS vulnerability in MiniBB 3.1.1.
There is an XSS vulnerability in Chyrp CMS 2.5.2. This issue has not been fixed.
There is an XSS vulnerability in SQL Buddy 1.3.3. This issue has not been fixed.
There is an XSS vulnerability in ZeusCart 4.0. This issue has not been fixed.
There is an XSS vulnerability in Anchor CMS 0.9.2. The issue is not yet fixed.
There is a Persistent XSS vulnerability in Serendipity 2.0.1 when using the default 2k11 theme. It requires a click to trigger.
When running on IIS, Phorum 5.2.19 is open to cross site scripting. Additionally, there is an open redirect vulnerability that is not restricted to any operating system.
There is an XSS vulnerability in version 2.3.5 of ModX. As of now, this issue has not been fixed.
There are multiple reflected cross site scripting vulnerabilities in version 3.3.1 of CodoForum.
There are multiple reflected cross site scripting vulnerabilities in version 4.2.3 of BigTree CMS.
