20 matches found
EUVD-2018-0197
Malware in sbrugna...
CVE-2024-46995
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue...
CVE-2024-46995 baserCMS has Cross-site Scripting Vulnerability in HTTP 400 Bad Request
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue...
CVE-2024-46995 baserCMS has Cross-site Scripting Vulnerability in HTTP 400 Bad Request
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue...
GHSA-MR7Q-FV7J-JCGV baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request
XSS vulnerability in HTTP 400 Bad Request to baserCMS. Target: baserCMS 5.1.1 and earlier versions. Vulnerability: Malicious code may be executed in HTTP 400 Bad Request. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page for more information...
baserCMS has a Cross-site Scripting (XSS) Vulnerability in HTTP 400 Bad Request
XSS vulnerability in HTTP 400 Bad Request to baserCMS. Target: baserCMS 5.1.1 and earlier versions. Vulnerability: Malicious code may be executed in HTTP 400 Bad Request. Countermeasures: Update to the latest version of baserCMS. Please refer to the following page for more information...
CVE-2022-39294 (DoS) Denial of Service from unchecked request length in conduit-hyper
conduit-hyper integrates a conduit application with the hyper server. Prior to version 0.4.2, conduit-hyper did not check any limit on a request's length before calling hyper::body::to_bytes. An attacker could send a malicious request with an abnormally large Content-Length, which could lead to a...
Denial Of Service (DoS)
curl is vulnerable to denial of service attacks. A malicious user is able to cause an application crash due to improper validation of syntactic correctness of the input, which makes the server return a 400 Bad Request response...
Fedora 27 : 1:rubygem-sinatra (2018-0b17e1e529)
Fix XSS in the 400 Bad Request page CVE-2018-11627, rhbz1585218. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
GHSA-MQ35-WQVF-R23C Sinatra Cross-site Scripting vulnerability
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
CVE-2018-11627
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
CVE-2018-11627
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
Cross site request forgery (csrf)
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
CVE-2018-11627
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
CVE-2018-11627
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
CVE-2018-11627
CVE-2018-11627 affects the Sinatra Ruby gem (pre-2.0.2) with an XSS in the 400 Bad Request page triggered by a params parser exception. Fedora/RH advisories (e.g., RHSA-2019:0212, RHSA-2019:0315) document fixes and package updates for rubygem-sinatra across affected Fedora/RHEL releases; OpenVAS/...
XSS via the 400 Bad Request page
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception...
Moderate: Red Hat Security Advisory: tomcat security update
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
nc contract returns "HTTP/1.1 400 Bad Request" solution-vulnerability warning-the black bar safety net
Copyright statement: when reprinting, please mark the article's origin, author information and this statement with a hyperlink: http://qiuren.blogbus.com/logs/37117725.html A lot of times in the debugger when you need to customize the contract, in the ordinary post to submit with Firefox plug-ins enough to cop...
lighttpd -- multiple vulnerabilities
Lighttpd security announcement: lighttpd 1.4.19, and possibly other versions before 1.5.0, does not decode the URL before matching against rewrite and redirect patterns, which allows attackers to bypass rewrite rules. This can be a security problem in certain configurations if these rules are used...