23 matches found
CVE-2021-27317
Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...
CVE-2026-27317
Not used...
CVE-2025-27317
Cross-Site Request Forgery CSRF vulnerability in IT-RAYS RAYS Grid rays-grid allows Cross Site Request Forgery.This issue affects RAYS Grid: from n/a through = 1.3.1...
CVE-2025-27317
Cross-Site Request Forgery CSRF vulnerability in IT-RAYS RAYS Grid rays-grid allows Cross Site Request Forgery.This issue affects RAYS Grid: from n/a through = 1.3.1...
CVE-2025-27317 WordPress RAYS Grid Plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in IT-RAYS RAYS Grid rays-grid allows Cross Site Request Forgery.This issue affects RAYS Grid: from n/a through = 1.3.1...
CVE-2025-27317 WordPress RAYS Grid Plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in IT-RAYS RAYS Grid rays-grid allows Cross Site Request Forgery.This issue affects RAYS Grid: from n/a through = 1.3.1...
io.github.embedded-middleware:embedded-pulsar-core (>=0.0.4 <=0.0.5), org.apache.pulsar:pulsar-broker (>=2.11.0 <=2.11.3) +4 more potentially affected by CVE-2024-27317 via org.apache.pulsar:pulsar-functions-worker (>=2.11.0 <=2.11.3)
org.apache.pulsar:pulsar-functions-worker MAVEN version =2.11.0, =0.0.4, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.3 Source cves: CVE-2024-27317 Source advisory: OSV:GHSA-JG2G-4RJG-CMQH...
org.apache.pulsar:pulsar-broker (>=3.1.0 <=3.1.2), org.apache.pulsar:pulsar-broker-auth-athenz (>=3.1.0 <=3.1.2) +3 more potentially affected by CVE-2024-27317 via org.apache.pulsar:pulsar-functions-worker (>=3.1.0 <=3.1.2)
org.apache.pulsar:pulsar-functions-worker MAVEN version =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.2 Source cves: CVE-2024-27317 Source advisory: OSV:GHSA-JG2G-4RJG-CMQH...
com.datastax.oss:pulsar-jms-filters (>=4.0.0 <=4.0.1), io.github.yangl:pulsar-msg-filter-plugin (=3.0) +6 more potentially affected by CVE-2024-27317 via org.apache.pulsar:pulsar-functions-worker (>=3.0.0 <=3.0.2)
org.apache.pulsar:pulsar-functions-worker MAVEN version =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.17 Source cves: CVE-2024-27317 Source advisory: OSV:GHSA-JG2G-4RJG-CMQH...
org.apache.pulsar:pulsar-broker (=3.2.0), org.apache.pulsar:pulsar-broker-auth-athenz (=3.2.0) +3 more potentially affected by CVE-2024-27317 via org.apache.pulsar:pulsar-functions-worker (=3.2.0)
org.apache.pulsar:pulsar-functions-worker MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-functions-worker and may be impacted: - org.apache.pulsar:pulsar-broker =3.2.0 -...
CVE-2024-27317
A path traversal vulnerability was found in Apache Pulsar. Pulsar allows authenticated users to upload functions to be run by the Pulsar Function Workers, these codes are in the format of a ZIP file. When extracting the uploaded ZIP file Pulsar fails to properly validate the file names contained ...
CVE-2024-27317
creationtimestamp| type| source ---|---|--- 2024-03-12 20:26:31+00:00| seen| https://t.me/ctinow/206102 2024-03-12 20:26:37+00:00| seen| https://t.me/ctinow/206108 2024-03-12 21:46:26+00:00| seen| https://t.me/ctinow/206192 2024-04-09 18:43:51+00:00| seen| https://t.me/arpsyndicate/4395...
CVE-2024-27317
In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...
CVE-2024-27317
Root cause: a directory traversal in archive extraction when uploaded ZIPs (jar/nar) are processed by Pulsar Functions Worker, allowing creation/modification of files outside the extraction dir. Attack surface includes Pulsar Broker when functionsWorkerEnabled=true. Affected versions span 2.4.0–2...
CVE-2023-27317 Information Disclosure Vulnerability in ONTAP 9
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This could lead to...
CVE-2021-27317
Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...
CVE-2021-27317
Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...
CVE-2021-27317
Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...
CVE-2021-27317
CVE-2021-27317 is a documented Cross Site Scripting (XSS) vulnerability in the Doctor Appointment System 1.0, specifically in the file contactus.php . The vulnerability allows remote attackers to inject arbitrary web script or HTML via the comment parameter. Public sources note that the issue ari...
Doctor Appointment System 1.0 Cross Site Scripting Vulnerability
Exploit Title: Doctor Appointment System 1.0 - Reflected POST based Cross Site Scripting XSS in comment parameter CVE: CVE-2021-27317 Exploit Author: Soham Bakore Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...