CVE-2017-18636

CDG through 2017-01-01 allows downloadDocument.jsp?command=download= directory traversal...

CVE-2023-34293

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

CVE-2023-34293

CVE-2023-34293 concerns Ashlar-Vellum Cobalt. The vulnerability is an out-of-bounds write in the parsing of X_B/X_T files, caused by insufficient validation of user-supplied data, enabling remote code execution in the context of the affected process. The exploit requires user interaction (visitin...

CVE-2023-34293 Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

CVE-2019-18636

A cross-site scripting XSS vulnerability in Jitbit .NET Forum aka ASP.NET forum 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter...

CVE-2019-18636

CVE-2019-18636 concerns a cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (ASP.NET forum) 8.3.8. The issue allows remote attackers to inject arbitrary script or HTML via the gravatar URL parameter . Affected component is the web UI handling gravatar URLs; root cause details are not ...

CVE-2017-18636

CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal...

CVE-2017-18636

CVE-2017-18636 describes a directory traversal vulnerability in CDG through 2017-01-01, exploitable via downloadDocument.jsp?command=download&pathAndName=. Red Hat and NVD entries corroborate the issue; however, the provided documents do not specify affected products, versions beyond the CDG refe...

CVE-2018-18636

The CVE-2018-18636 entry concerns the D-Link DSL-2640T router. A cross-site scripting (XSS) vulnerability exists in the cgi-bin/webcm page reachable on the device, exploitable via the var:RelaodHref or var:conid parameters. Affected product: D-Link DSL-2640T routers (CGI web management interface)...

miamioh.edu XSS vulnerability

Vulnerable URL: http://miamioh.edu/search%27"--!confirmOPENBUGBOUNTY%3C/Script /K//index.html/ Details: Description| Value ---|--- Patched:| Yes, at 16.04.2017 Latest check for patch:| 16.04.2017 11:30 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 18636 VIP...