MAL-2025-36163 Malicious code in test-mlw2-salle-swarf-samps-barge (npm)

The package test-mlw2-salle-swarf-samps-barge was found to contain malicious code...

CVE-2023-36163

Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL...

CVE-2021-36163

In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkeleton are created without any configuration of the serialization factory and therefore without...

CVE-2020-36163

An issue was discovered in Veritas NetBackup and OpsCenter through 8.3.0.1. NetBackup processes using Strawberry Perl attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under...

CVE-2021-36163

creationtimestamp| type| source ---|---|--- 2024-01-28 04:14:24+00:00| seen| https://t.me/arpsyndicate/3199...

BuildaGate5library v5 - Reflected Cross-Site Scripting (XSS)

Exploit Title: BuildaGate5library v5 - Reflected Cross-Site Scripting XSS Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: None Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36163 PoC: An attacker just needs to find the vulnerable parameter mc= and inject the JS code...

BuildaGate5library v5 - Reflected Cross-Site Scripting Vulnerability

Exploit Title: BuildaGate5library v5 - Reflected Cross-Site Scripting XSS Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: None Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36163 PoC: An attacker just needs to find the vulnerable parameter mc= and inject the JS code...

BuildaGate5 Cross Site Scripting

Exploit Title: BuildaGate5library - Reflected Cross-Site Scripting XSS Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: None Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36163 PoC: An attacker just needs to find the vulnerable parameter mc= and inject the JS code lik...

CVE-2023-36163

The CVE-2023-36163 entry documents a Cross-Site Scripting (XSS) vulnerability in IP-DOT BuildaGate v.BuildaGate5. The issue is exploitable via a crafted script injected into the URL parameter mc , enabling a remote attacker to execute arbitrary code. Public PoC details exist (ExploitDB) showing t...

CVE-2023-36163

creationtimestamp| type| source ---|---|--- 2023-07-10 11:00:42+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8643 2023-07-10 13:48:04+00:00| published-proof-of-concept| https://t.me/CNArsenal/702 2023-07-11 18:29:44+00:00| seen| https://t.me/cibsecurity/66391 2023-07-...

Exploit for Cross-site Scripting in Buildagate_Project Buildagate

Exploit Title: BuildaGate5library - Reflected Cross-Site Scrip...

cc.jweb:jweb-adai (>=1.0.2 <=1.0.6), cc.jweb:jweb-boot (>=1.0.2 <=1.0.5) +49 more potentially affected by CVE-2021-36163 via org.apache.dubbo:dubbo (>=2.7.0 <=2.7.12)

org.apache.dubbo:dubbo MAVEN version =2.7.0, =1.0.2, =1.0.2, =1.2.1, =1.28.0, =0.0.1, =1.5.1, =2.0.1, =0.1.3, =2.4.0, =2.4.0, =2.4.0, =1.0.0, =1.0.0, =1.0, =1.1 and more Source cves: CVE-2021-36163 Source advisory: OSV:GHSA-CPX9-4RWV-486V...

CVE-2021-36163 Unsafe deserialization in providers using the Hessian protocol

In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: New HessianSkeleton are created without any configuration of the serialization factory and therefore without...

CVE-2021-36163

Summary: CVE-2021-36163 affects Apache Dubbo when using the Hessian protocol. The HessianSkeleton can be created without configuring the serialization factory, bypassing the dubbo type-list checks. As a result, the generic service is exposed, so an attacker may not need a valid service/method nam...

CVE-2020-36163

CVE-2020-36163 affects Veritas NetBackup and OpsCenter up to 8.3.0.1 on Windows. NetBackup processes using Strawberry Perl may load/execute libraries from paths that default Windows behavior permits to be created under C:\ by low-privilege users. If such a user places an affected library in that ...

CVE-2011-3010

creationtimestamp| type| source ---|---|--- 2011-09-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36162 2011-09-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36163...