CVE-2024-42563

An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file...

CVE-2024-41597

Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...

CVE-2024-41597

Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...

CVE-2024-41597

Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool

Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities,...

CVE-2024-3851

A stored Cross-Site Scripting XSS vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exploit this vulnerability by uploading malicious HTML files, such as those containing JavaScript payloads, which are then executed in the...

GHSA-QG73-G3CF-VHHH NocoDB Allows Preview of Files with Dangerous Content

Summary --- Attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading Stored XSSCross-Site Script attack. PoC --- NocoDB was configured using the Release Binary Noco-macos-arm64, and nocodb version 0.202.9 currentl...

(Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Fedora 40 : w3m (2024-aeb75f8b5b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-aeb75f8b5b advisory. - Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 2222775, 2222780, 2255207...

PT-2024-4409 · Unknown · Edu-Sharing

Name of the Vulnerable Software and Affected Versions: edu-sharing versions 8.0.8-RC2, 8.1.4-RC0, 9.0.0-RC19 can be simplified to: edu-sharing versions prior to 8.0.8-RC2, 8.1.4-RC0, and 9.0.0-RC19 However, given the instruction to consolidate ranges into the most concise form and considering the...

Updated w3m packages fix security vulnerabilities

An out-of-bounds read flaw was found in w3m, in the Strnewsize function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. CVE-2023-38252 An out-of-bounds read flaw was found in w3m, in the growbuftoStr function in indep.c. This issue may allow an...

Fedora 39 : w3m (2024-3fc66f8bf3)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3fc66f8bf3 advisory. - Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 2222775, 2222780, 2255207...

Fedora 38 : w3m (2024-38c2261ca0)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-38c2261ca0 advisory. - Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 2222775, 2222780, 2255207...

BIT-PARSE-2023-32689 Parse Server vulnerable to phishing attack vulnerability that involves uploading malicious HTML file

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 5.4.4 and 6.1.1 are vulnerable to a phishing attack vulnerability that involves a user uploading malicious files. A malicious user could upload an HTML file to Parse Server vi...

CVE-2024-0243

With the following crawler configuration: python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.load An attacker in control of the contents of https://example.com could...

CVE-2024-25627 Cross-Site Scripting (XSS) via File Upload in Alf.io

Alf.io is a free and open source event attendance management system. An administrator on the alf.io application is able to upload HTML files that trigger JavaScript payloads. As such, an attacker gaining administrative access to the alf.io application may be able to persist access by planting an...

Cross-site Scripting Vulnerability on Avatar Upload

Introduction This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.9.2 and was tested on version 1.8.2. Overview Label Studio has a cross-site scripting XSS vulnerability that coul...

Cross Site Scripting (XSS)

labelstudio is vulnerable to Cross Site Scripting XSS. The vulnerability due to improper image sanitization during upload, which allows an authenticated user to upload a crafted image file for their avatar which gets rendered as an HTML file. This allows an attacker to execute arbitrary JavaScrip...

CVE-2024-23633 Label Studio XSS Vulnerability on Data Import

Label Studio, an open source data labeling tool had a remote import feature allowed users to import data from a remote web source, that was downloaded and could be viewed on the website. Prior to version 1.10.1, this feature could had been abused to download a HTML file that executed malicious...

CVE-2024-23633

CVE-2024-23633 affects Label Studio (open‑source data labeling tool) prior to version 1.10.1. The issue arises in the remote import feature: when a URL is fetched, the server uses the URL’s filename and returns a file via an API, with the response content type determined by the file’s extension (...