85 matches found
EUVD-2020-7879
Malware in sbrugna...
EUVD-2010-5305
Malware in sbrugna...
EUVD-2006-6240
Malware in sbrugna...
EUVD-2019-0235
Malware in sbrugna...
EUVD-2025-7367
Malicious code in bioql PyPI...
EUVD-2023-12364
Malicious code in bioql PyPI...
EUVD-2023-1182
Malicious code in bioql PyPI...
EUVD-2022-29561
Malicious code in bioql PyPI...
EUVD-2021-28289
Malicious code in bioql PyPI...
EUVD-2024-49646
Malicious code in bioql PyPI...
CVE-2010-20045
FileWrangler = 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires...
CVE-2010-20045 FileWrangler <= 5.30 Stack Buffer Overflow
FileWrangler = 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires...
PT-2025-34097 · Undefined · Undefined
FileWrangler = 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires...
PT-2025-12776 · Asustor · Adm
Name of the Vulnerable Software and Affected Versions: ADM versions 4.1.0 through 4.3.3.RH61 ADM version 5.0.0.RIN1 and earlier Description: A stored Cross-Site Scripting XSS issue exists in the Access Control of ADM. The vulnerability allows an attacker to inject malicious scripts into the folde...
Cross-site Scripting (XSS)
Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient input sanitization in the "Add Folder" functionality. An attacker with admin privileges can exploit this by injecting malicious scripts int...
CVE-2025-0660
Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function.The "Add Folder" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads as folder names. The Concrete CMS security team gave this vulnerability a CVSS 4.0 Score of 4.8 with...
WordPress WP Table Manager plugin <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure vulnerability
Missing Authorization to Authenticated Subscriber+ Directory Traversal to Folder/File Name Disclosure vulnerability discovered by Nguyễn Trung Kiên in WordPress Plugin WP Table Manager versions = 4.1.3...
CVE-2024-8401
CWE-79: Improper Neutralization of Input During Web Page Generation ‘Cross-site Scripting’ vulnerability exists when an authenticated attacker modifies folder names within the context of the product...
CVE-2024-8401
CWE-79: Improper Neutralization of Input During Web Page Generation ‘Cross-site Scripting’ vulnerability exists when an authenticated attacker modifies folder names within the context of the product...
CVE-2024-8401
CWE-79: Improper Neutralization of Input During Web Page Generation ‘Cross-site Scripting’ vulnerability exists when an authenticated attacker modifies folder names within the context of the product...