941 matches found
CVE-2020-23046
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tpl.php via the filename, mid, userid, and templet' parameters...
CVE-2020-23037
Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...
Code injection
Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...
CVE-2020-23037
Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...
CVE-2020-36485
Portable Ltd Playable v9.18 was discovered to contain an arbitrary file upload vulnerability in the filename parameter of the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted JPEG file...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. A cross-site scripting vulnerability exists in DedeCMS version 7.5 SP2, which can be exploited to inject malicious script code via th...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the filename, mid, userid ...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the filename, mid, userid ...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the filename, mid, userid ...
Portable Ltd Playable 代码问题漏洞
Portable Ltd Playable is a Full HD media player for Pc from Portable Ltd, UK. A security vulnerability exists in Portable Playable v9.18, which stems from a lack of effective filtering and restriction in the filename parameter of the software's upload module. The vulnerability allows an attacker ...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the filename, mid, userid ...
Portable Ltd Playable 代码注入漏洞
Portable Ltd Playable is a Full HD media player for Pc from Portable Ltd, UK. Portable Ltd Playable suffers from a code injection vulnerability that stems from Portable Ltd Playable v9.18 containing a code injection vulnerability in the filename parameter. An attacker could use this vulnerability...
Kindeditor 跨站脚本漏洞
KindEditor is a lightweight, open source LGPL, cross-browser, web-based WYSIWYG HTML editor. KindEditor is capable of converting standard text areas to rich text editors. an XSS vulnerability exists in KindEditor prior to version 4.1.x. The vulnerability is related to the affected version not...
CVE-2021-27341
OpenSIS Community Edition version = 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter...
Design/Logic Flaw
OpenSIS Community Edition version = 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter...
CVE-2021-27341
OpenSIS Community Edition
CVE-2021-27341
OpenSIS Community Edition version = 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter...
OpenSIS 路径遍历漏洞
OpenSIS is the community edition of an open source enterprise content management system from Alfresco Software, Inc. The system includes document management, office collaboration and other features. openSIS Community Edition in versions prior to 7.6 there is a local file inclusion vulnerability,...