Search Results | AttackerKB

Show filters

Topics 14 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

14 Total Results

Displaying 11-14 of 14

Attacker Value

Unknown

CVE-2020-5843

Disclosure Date: January 07, 2020 (last updated February 21, 2025)

Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2020-5305

Disclosure Date: January 05, 2020 (last updated February 21, 2025)

Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2020-5306

Disclosure Date: January 05, 2020 (last updated February 21, 2025)

Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2014-9261

Disclosure Date: March 23, 2015 (last updated October 05, 2023)

The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to index.php.

0