Search Results | AttackerKB

Show filters

Topics 23 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

23 Total Results

Displaying 21-23 of 23

Attacker Value

Unknown

CVE-2022-31913

Disclosure Date: June 16, 2022 (last updated February 23, 2025)

Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-31911

Disclosure Date: June 16, 2022 (last updated February 23, 2025)

Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2020-28141

Disclosure Date: April 19, 2021 (last updated February 22, 2025)

The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page.

Attack Vector: Network Privileges: Low User Interaction: Required

0