CVE-2025-1543 iteachyou Dreamer CMS ueditor-1.4.3.3 path traversal

A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed ...

Baidu UEditor 代码问题漏洞

Baidu UEditor is a WYSIWYG rich text web editor from the Chinese company Baidu. A code issue vulnerability exists in Baidu UEditor version 1.4.3.3, which stems from the operation of the parameter upfile that can lead to unrestricted uploads...

Ueditor cross-site scripting vulnerability (CNVD-2024-02966)

UEditor is a rich text web editor that is lightweight, customizable, and focused on user experience. A cross-site scripting vulnerability exists in Ueditor version 1.4.3.3. An attacker can exploit this vulnerability to obtain user cookie information...

CVE-2021-37271

Cross Site Scripting XSS vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information...

Ueditor 跨站脚本漏洞

UEditor is a rich text web editor that is lightweight, customizable, and focused on user experience. A cross-site scripting vulnerability exists in Ueditor version 1.4.3.3. An attacker can exploit this vulnerability to obtain user cookie information...

Input validation

In YzmCMS 5.6, XSS was discovered in member/membercontent/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3...

CVE-2020-23369

In YzmCMS 5.6, XSS was discovered in member/membercontent/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3...

Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2014-0178)

Summary A fix is available for IBM SONAS, for the security issue that an attacker could obtain sensitive information by exploiting a vulnerability in Samba protocol server Vulnerability Details CVEID: CVE-2014-0178 DESCRIPTION: Samba protocol server is used in IBM SONAS to enable file management...

Security Bulletin: IBM Storwize V7000 Unified security vulnerabilities related to Mozilla Firefox (CVE-2014-1518, CVE-2014-1523, CVE-2014-1524, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532, CVE-2014-1533, CVE-2014-1538, CVE-2014-1541)

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions of IBM Storwize V7000 Unified. Vulnerability Details CVEID: CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 CVE-2014-1533 CVE-2014-1538...

Security Bulletin: OpenSSL security vulnerability on IBM SONAS (CVE-2014-0224)

Summary A fix is available for IBM SONAS, for the OpenSSL security vulnerability Vulnerability Details CVEID: CVE-2014-0224 DESCRIPTION: SSL/TLS MITM vulnerability An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. Thi...

Security Bulletin: Unauthorized privileges can be obtained from IBM Service account on IBM SONAS (CVE-2014-3043)

Summary A fix is available for IBM SONAS, for the security issue that unauthorized privileges can be obtained from IBM Service account. Vulnerability Details CVEID: CVE-2014-3043 DESCRIPTION: The IBM SONAS service account can be used to obtain unauthorized privileges on a IBM SONAS system. The...

Security Bulletin: Privileged access can be obtained from IBM Service account on IBM Storwize V7000 Unified (CVE-2014-3043)

Summary A fix is available for IBM Storwize V7000 Unified, for the security issue that privileged access can be obtained from IBM Service account. Vulnerability Details CVEID: CVE-2014-3043 DESCRIPTION: The IBM Storwize V7000 Unified service account can be used to obtain unauthorized privileges o...

Security Bulletin: IBM SONAS Administrator password can be read by the root user from the shell command history (CVE-2014-3045)

Summary A fix is available for IBM SONAS, for the security issue that after changing password of administrative user, the password can be read by the root user from the shell command history. Vulnerability Details CVEID: CVE-2014-3045 DESCRIPTION: One of the purposes of chuser command is to modif...

Security Bulletin: OpenSSL security vulnerability issues on IBM Storwize V7000 Unified system (CVE-2013-4353, CVE-2013-6449, CVE-2013-6450)

Summary For the three security issues with openssl that could result in denial of service, a fix is available for IBM Storwize V7000 Unified system. Vulnerability Details CVEID: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 DESCRIPTION: OpenSSL is used in IBM Storwize V7000 Unified system for providi...

Security Bulletin: Mozilla firefox vulnerability issues on IBM SONAS (CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514)

Summary SONAS is shipped with Mozilla firefox, for which fixes are available for security vulnerabilities. Vulnerability Details CVEID: CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 DESCRIPTION: SONAS is...

CVE-2017-14744

UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...

zenphoto 1.4.3.3 - Multiple Vulnerabilities

No description provided by source. waraxe-2012-SA096 - Multiple Vulnerabilities in Zenphoto 1.4.3.3 =============================================================================== Author: Janek Vind waraxe Date: 03. November 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-96.html...

Zenphoto 1.4.3.3 SQL Injection / Interface Exposure / XSS

waraxe-2012-SA096 - Multiple Vulnerabilities in Zenphoto 1.4.3.3 =============================================================================== Author: Janek Vind "waraxe" Date: 03. November 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-96.html Description of vulnerable...