220 matches found
CVE-2018-1999007
CVE-2018-1999007 is a cross-site scripting vulnerability in Jenkins up to version 2.132 (and 2.121.1 and earlier for some components) involving the Stapler web framework. When Stapler debug mode is enabled, error/404 pages could display unescaped URL parts, allowing an attacker who can influence ...
CVE-2017-18286
nZEDb v0.7.3.3 has XSS in the 404 error page...
Cross site scripting
nZEDb v0.7.3.3 has XSS in the 404 error page...
CVE-2017-18286
nZEDb v0.7.3.3 has XSS in the 404 error page...
CVE-2017-18286
CVE-2017-18286 affects nZEDb v0.7.3.3, with a Cross‑Site Scripting (XSS) flaw on the 404 error page caused by inadequate input filtering in the 404 page rendering. This can allow an attacker to inject arbitrary script in the victim’s browser through the URL. Several sources corroborate the XSS is...
CVE-2017-18286
nZEDb v0.7.3.3 has XSS in the 404 error page...
nZEDb Cross-Site Scripting Vulnerability
nZEDb is a set of open source usenet news network indexer , it provides a Web-based front-end , support for searching , browsing usenet . A cross-site scripting vulnerability exists in the 404 error page in version 0.7.3.3 of nZEDb, which stems from the program failing to adequately filter input....
Error: "404 - File or directory not found" when launching new stores created on StoreFront
New stores created on StoreFront are showing error: "404 - File or directory not found" at launch. Old stores can be launched properly...
openSUSE Security Update : php7 (openSUSE-2018-441)
This update for php7 fixes the following issues : Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...
PHP ext/phar/phar_object.c file suffers from a reflected cross-site scripting vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
CVE-2018-10547
An issue was discovered in ext/phar/pharobject.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an...
USN-3600-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain stream metadata. A remote attacker could possibly use this issue to set arbitrary metadata. This issue only affected Ubuntu 14.04 LTS. CVE-2016-10712 It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker...
igi-global.com XSS vulnerability
Open Bug Bounty ID: OBB-578793 Description| Value ---|--- Affected Website:| igi-global.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
USN-3566-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting XSS attacks. CVE-2018-5712 It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use thi...
PHP cross-site scripting vulnerability (CNVD-2018-03157)
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
CVE-2018-5712
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...
CVE-2018-5712
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...
CVE-2018-5712
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file...
ownCloud: This is not the security issue.
Here a subdomain path: https://apps.owncloud.com/ a strange thing in this domain is that a new user can not create account but he can login in. On that path:- https://apps.owncloud.com/usermanager/new.php In this path registration file has been removed or something and saying 404 error. I mean wh...
Informatica: [wave.informatica.com]- Subdomain missconfiguration
One of your subdomain https://wave.informatica.com has a CNAME record that resolved to ghs.google.com and shows 404 error when navigating to subdomain. You should remove CNAME entry for that subdomain pointing towards ghs.google.com. Although I couldnt verify the domain ownership process to fully...