147 matches found

CNNVD
added 2024/08/21 12:0 a.m. · 6 views

CKAN Security Vulnerability

CKAN is an open source DMS Data Management System from CKAN Open Source. It is used to power data centers and data portals. CKAN has a security vulnerability that stems from the Datatables view plugin failing to properly escape record data from the DataStore...

6.8 CVSS · 6.5 AI score · 0.00377 EPSS
Exploits 0 · References 4

Positive Technologies
added 2024/08/21 12:0 a.m. · 5 views

PT-2024-29500 · Ckan +2 · Datatables View Plugin +3

Name of the Vulnerable Software and Affected Versions: CKAN versions 2.7.0 through 2.10.4. CKAN version 2.11.0 is not affected, but versions prior to 2.11.0 are vulnerable if they are earlier than 2.10.5. Description: The Datatables view plugin in CKAN did not properly escape record data coming fr...

6.8 CVSS · 6.3 AI score · 0.00377 EPSS
Exploits 0 · References 12

RedHat Linux
added 2024/06/03 5:4 p.m. · 4 views

datatables.net: contents of array not escaped by HTML escape entities function

An improper neutralization of input vulnerability was found in datatables.net. If an array is passed to the HTML escape entities function, it does not have its contents escaped, possibly leading to cross site scripting XSS...

6.1 CVSS · 5 AI score · 0.01837 EPSS
Exploits 1 · References 5

NVD
added 2024/06/01 9:15 a.m. · 14 views

CVE-2024-3821

The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdtajaxactions.php file in all versions up to, and including, 6.3.2. This makes it possible for...

7.3 CVSS · 7.2 AI score · 0.00325 EPSS
Exploits 0 · References 2

CNNVD
added 2024/03/12 12:0 a.m. · 2 views

sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial SQL Injection Vulnerability

sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial is an open source project to help people learn how to build or develop a PHP CRUD without refresh/reload using Ajax and DataTables. sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial...

9.8 CVSS · 7.9 AI score · 0.00693 EPSS
Exploits 1 · References 5

Tenable Nessus
added 2023/10/26 12:0 a.m. · 37 views

Nessus Network Monitor < 6.3.0 Multiple Vulnerabilities (TNS-2023-34)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-34 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...

8.8 CVSS · 7 AI score · 0.77901 EPSS
Exploits 2 · References 14

Tenable Nessus
added 2023/06/08 12:0 a.m. · 21 views

DataTables < 1.10.10 Cross-Site Scripting

According to its self-reported version number, DataTables is prior to 1.10.10. Therefore, it may be affected by a cross-site scripting vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

4.3 CVSS · 6.6 AI score · 0.02679 EPSS
Exploits 2 · References 2

NVD
added 2023/03/06 10:15 p.m. · 13 views

CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.1 CVSS · 6.1 AI score · 0.00792 EPSS
Exploits 1 · References 3

OSV
added 2023/03/06 10:15 p.m. · 17 views

CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.1 CVSS · 6.2 AI score
Exploits 0 · References 3

UbuntuCve
added 2023/03/06 10:15 p.m. · 35 views

CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.1 CVSS · 7 AI score · 0.00792 EPSS
Exploits 1 · References 3

Prion
added 2023/03/06 10:15 p.m. · 14 views

Cross site scripting

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

5.8 CVSS · 6.1 AI score · 0.00792 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2023/03/06 10:15 p.m. · 2 views

UBUNTU-CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.1 CVSS · 6 AI score · 0.00792 EPSS
Exploits 1 · References 4

Vulnrichment
added 2023/03/06 12:0 a.m. · 6 views

CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.4 AI score · 0.00792 EPSS
Exploits 1 · References 3

CVE
added 2023/03/06 12:0 a.m. · 70 views

CVE-2021-36713

CVE-2021-36713: Cross-Site Scripting (XSS) in the DataTables plug-in for jQuery (version 1.9.2) allows attackers to run arbitrary code via the sBaseName parameter to the function _fnCreateCookie. Documented references point to 2012-era 1.9.2 release; connected sources confirm this as the affected...

6.1 CVSS · 6 AI score · 0.00792 EPSS
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2023/03/06 12:0 a.m. · 3 views

Sprymedia Datatables Cross-Site Scripting Vulnerability

Sprymedia Datatables is a Javascript-based plug-in from Sprymedia UK that supports efficient display of data on Html pages. A security vulnerability exists in Sprymedia DataTables version 1.9.2, which stems from a cross-site scripting XSS vulnerability that can be exploited by attackers to execut...

6.1 CVSS · 7.2 AI score · 0.00792 EPSS
Exploits 1 · References 5

Cvelist
added 2023/03/06 12:0 a.m. · 24 views

CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.2 AI score · 0.00792 EPSS
Exploits 1 · References 3

OpenVAS
added 2022/11/11 12:0 a.m. · 33 views

Tenable Nessus < 10.3.1 Multiple Vulnerabilities (TNS-2022-20)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

9.8 CVSS · 8.4 AI score · 0.1593 EPSS
Exploits 9 · References 1

NCSC
added 2022/10/28 12:0 a.m. · 3 views

Vulnerabilities fixed in Tenable Nessus

Vulnerabilities have been fixed in Tenable Nessus. Nessus makes use of the open-source products moment.js, expat, datatables, libxml2 and zlib. Tenable chose to upgrade these components to address the potential impact of the issues. Tenable has issued updates to address the vulnerabilities. F...

9.8 CVSS · 7.6 AI score · 0.1593 EPSS
Exploits 11

BDU FSTEC
added 2022/04/05 12:0 a.m. · 4 views

The vulnerability of the DataTables table processing plugin, related to the lack of protection for website structure, allows attackers to compromise data integrity.

The vulnerability of the DataTables table processing plugin is related to incorrect handling of arrays in the input data. Exploiting this vulnerability allows an attacker to compromise the integrity of the data...

6.1 CVSS · 5.9 AI score · 0.01837 EPSS
Exploits 1 · References 10 · Affected Software 3

Typo3
added 2022/02/15 12:0 a.m. · 61 views

Cross-Site Scripting in extension "Bookdatabase" (extbookdatabase)

The extension bundles a vulnerable version of the 3rd party JavaScript component “Datatables” which was known to be vulnerable against Cross-Site Scripting...

4.3 CVSS · 3.2 AI score · 0.01837 EPSS
Exploits 1 · Affected Software 1