Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sourcefabric vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1934
SQL injection vulnerability in admin/country/edit.php in Newscoop prior to 3.5.5 and 4.x prior to 4 RC4 allows remote malicious users to execute arbitrary SQL commands via the f_country_code parameter.
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
NA
CVE-2012-1935
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4.x prior to 4 RC4 allow remote malicious users to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_...
Sourcefabric Newscoop 4
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
1 EDB exploit
NA
CVE-2013-0730
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x up to and including 4.1.0 allow remote malicious users to inject arbitrary web script or HTML via vectors involving the (1) language parameter to application/modules/admin/controllers/LanguagesController.php or (...
Sourcefabric Newscoop 4.0
Sourcefabric Newscoop 4.0.4
Sourcefabric Newscoop 4.0.1
Sourcefabric Newscoop 4.1.0
Sourcefabric Newscoop 4.0.2
Sourcefabric Newscoop 4.0.3
NA
CVE-2012-1933
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x prior to 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2)...
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 4.0
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop 3.5.4
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.1
1 EDB exploit
NA
CVE-2012-4679
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop prior to 3.5.5 allows remote malicious users to inject arbitrary web script or HTML via the f_user_name parameter.
Sourcefabric Newscoop 3.5.1
Sourcefabric Newscoop 3.5.0
Sourcefabric Newscoop 3.5.3
Sourcefabric Newscoop 3.5.2
Sourcefabric Newscoop
1 EDB exploit
9.8
CVSSv3
CVE-2024-0714
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 10...
Sourcefabric Phoniebox
7.8
CVSSv3
CVE-2020-11807
Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ pat...
Sourcefabric Newscoop 4.4.7
NA
CVE-2010-4973
Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote malicious users to inject arbitrary web script or HTML via the f_search_keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Sourcefabric Campsite 3.4.0
9.8
CVSSv3
CVE-2022-36749
RPi-Jukebox-RFID v2.3.0 exists to contain a command injection vulnerability via the component /htdocs/utils/Files.php. This vulnerability is exploited via a crafted payload injected into the file name of an uploaded file.
Sourcefabric Rpi-jukebox-rfid 2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started