Emiel Florijn

2 exploits Active since Jan 2015
EIP-2026-107680 EXPLOITDB text WRITEUP
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
CVE-2014-9528 EXPLOITDB text WRITEUP
HumHub <0.10.0-rc.1 - SQL Injection
SQL injection vulnerability in the actionIndex function in protected/modules_core/notification/controllers/ListController.php in HumHub 0.10.0-rc.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the from parameter to index.php. NOTE: this can be leveraged for cross-site scripting (XSS) attacks via a request that causes an error.