4 matches found
CVE-2024-25090 Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted...
PT-2024-5531 · Apache · Apache Roller
Name of the Vulnerable Software and Affected Versions: Apache Roller versions 5.0.0 through 6.1.2 Description: The issue is caused by insufficient input validation and sanitation in features such as Profile name & screenname, Bookmark name & description, and blogroll name. This allows an...
Organizr Cross-Site Scripting Vulnerability
Organizr is a tab management system designed to be a one-stop shop for server front ends. Organizr version 2.1.1810 contained a cross-site scripting vulnerability. The vulnerability stems from the bookmark tab and bookmark category fields' lack of user-supplied data and output data...
FileZilla 3.33 - Buffer Overflow (PoC)
FileZilla 3.33 - Buffer Overflow PoC Exploit Title: FileZilla 3.33 Buffer-Overflow PoC Author: Kağan Çapar Discovery Date: 2018-10-10 Software Link: https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/filezilla/3.33.0-1/filezilla3.33.0-1.debian.tar.xz Vendor Homepage :...