6 matches found
CVE-2026-11569 Quay: quay: stored xss via filedrop svg upload
A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...
CVE-2024-45401 stripe-cli Path Traversal vulnerability
stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...
CVE-2024-45401 stripe-cli Path Traversal vulnerability
stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...
SUSE CVE-2002-1467
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via 1 an HTTP redirect, 2 a "file://" base in a web document, or 3 a relative URL from a web archive mht file...
ReconCat - Tool To Fetch Archive Url Snapshots From Archive.org
A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose. This application is powered byWMB-Scrapper Installation Clone this...
closermag.fr XSS vulnerability
Vulnerable URL: http://www.closermag.fr/Archive/annee/2013'"/alert"openbugbounty"...