CVE-2019-9093
- EPSS 0.24%
- Veröffentlicht 21.03.2019 16:01:15
- Zuletzt bearbeitet 21.11.2024 04:50:57
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in file/file/upload in Humhub 1.3.10 Community Edition. The user-supplied input containing a JavaScript payload in the filename parameter is echoed back, which resulted in reflected ...
CVE-2019-9094
- EPSS 0.24%
- Veröffentlicht 21.03.2019 16:01:15
- Zuletzt bearbeitet 21.11.2024 04:50:57
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition. The user-supplied input containing JavaScript in the filename is echoed back in JavaScript code, which resulted in XSS.
CVE-2016-1229
- EPSS 0.22%
- Veröffentlicht 05.06.2016 01:59:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-9528
- EPSS 3.24%
- Veröffentlicht 06.01.2015 15:59:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the from parameter...