51 matches found
CVE-2024-12351
CVE-2024-12351 affects JFinalCMS 1.0 in the File Content Handler (ContentModel.java findPage). The root cause is manipulation of the argument name that leads to an SQL injection, allowing remote exploitation. Public references describe the issue as critical with high impact to confidentiality, in...
CVE-2024-8949
A vulnerability classified as critical has been found in SourceCodester Online Eyewear Shop 1.0. This affects an unknown part of the file /classes/Master.php of the component Cart Content Handler. The manipulation of the argument cartid/id leads to improper ownership management. It is possible to...
CVE-2024-8949 SourceCodester Online Eyewear Shop Cart Content Master.php improper ownership management
A vulnerability classified as critical has been found in SourceCodester Online Eyewear Shop 1.0. This affects an unknown part of the file /classes/Master.php of the component Cart Content Handler. The manipulation of the argument cartid/id leads to improper ownership management. It is possible to...
CVE-2024-8949
Affected software: SourceCodester Online Eyewear Shop 1.0. Vulnerable component/file: Cart Content Handler, specifically the unknown part of /classes/Master.php. Root cause: manipulation of the argument cart_id/id leading to improper ownership management. Impact: remote initiation possible; explo...
PT-2024-39334 · Unknown · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A critical vulnerability has been found in the Cart Content Handler component of the SourceCodester Online Eyewear Shop. This issue affects an unknown part of the file...
Online Eyewear Shop security vulnerability
Online Eyewear Shop is an online eyewear store by the individual developer Carlo Montero. A security vulnerability exists in Online Eyewear Shop version 1.0, which stems from an unknown part of the Cart Content Handler component, where the manipulation of the parameter cartid/id results in improp...
CVE-2024-5590
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. This vulnerability affects unknown code of the file /protocol/iscuser/uploadiscuser.php of the component JSON Content Handler. The manipulation of the argument messagecontent leads to...
CVE-2024-5590 Netentsec NS-ASG Application Security Gateway JSON Content uploadiscuser.php sql injection
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. This vulnerability affects unknown code of the file /protocol/iscuser/uploadiscuser.php of the component JSON Content Handler. The manipulation of the argument messagecontent leads to...
PT-2023-25896 · Mediawiki +1 · Mediawiki Proofreadpage Extension +1
Name of the Vulnerable Software and Affected Versions: MediaWiki ProofreadPage extension versions through 1.39.3 Description: An issue in the ProofreadPage extension for MediaWiki allows hidden users to be exposed via public interfaces, specifically in the includes/Page/PageContentHandler.php and...
SUSE CVE-2022-30973
We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the 1.28.2 release. In Apache Tika, a regular expression in the StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only...
CVE-2023-0246
A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...
Cross site scripting
A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2023-0246 earclink ESPCMS Content cross site scripting
A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...
EARCLINK ESPCMS cross-site scripting vulnerability
Honghu Erchuang Netlink Information Technology EARCLINK ESPCMS is an enterprise website building system from China's Honghu Erchuang Netlink Information Technology Company. A cross-site scripting vulnerability exists in EARCLINK ESPCMS P8.21120101, which stems from an unknown function in the...
PT-2023-16109 · Earclink · Earclink Espcms
Name of the Vulnerable Software and Affected Versions: earclink ESPCMS version P8.21120101 Description: A problematic issue was found in the Content Handler component, leading to cross site scripting. The manipulation can be launched remotely. Recommendations: For earclink ESPCMS version...
CVE-2019-25097
A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...
UBUNTU-CVE-2019-25097
A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...