Vyshnav Vizz

2 exploits Active since Jan 2020
CVE-2020-5842 EXPLOITDB MEDIUM text WORKING POC
Codoforum 4.8.3 - Stored Cross-Site Scripting via User Registration Username Field
Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. The payload is, for example, executed on the admin/index.php?page=users/manage page.
CVSS 6.1
CVE-2020-5306 EXPLOITDB MEDIUM text WORKING POC
Codoforum 4.8.3 - Stored Cross-Site Scripting via Display Name, Title, or Content Parameters
Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content.
CVSS 4.8