4 matches found
EUVD-2024-2682
Malicious code in bioql PyPI...
MGASA-2019-0035 Updated python-django packages fix security vulnerability
An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...
HongCMS Cross-Site Scripting Vulnerability (CNVD-2018-14424)
HongCMS is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in the system\errors\404.php page in HongCMS version 3.0.0, which originates from the program using incorrect code. A remote attacker can exploit this vulnerability to inject arbitrary...
Deerfield VisNetic WebSite 3.5.13 .1 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6369/info A vulnerability has been discovered in VisNetic Website when generating a 404 page for a non-existent resources. The issue is due to insufficient sanitization of the HTTP 'referer' header. It is possible to caus...