50 matches found
EUVD-2017-0061
Malware in sbrugna...
EUVD-2017-0060
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-9910
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special...
Linux Distros Unpatched Vulnerability : CVE-2016-9909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the less than...
SUSE CVE-2016-9909
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the less than character in attribute values...
SUSE CVE-2016-9910
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...
GHSA-V9V9-XFFQ-RWR4 Improper Neutralization of Input During Web Page Generation in html5lib
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the less than character in attribute values...
mezzanine (>=3.0.0 <=3.0.4) potentially affected by CVE-2016-9909 via html5lib (=0.95.0)
html5lib PYPI version =0.95.0 is affected by a known vulnerability. The following packages have a transitive dependency on html5lib and may be impacted: - mezzanine >=3.0.0, <=3.0.4 Source CVEs: CVE-2016-9909 Source advisory: OSV:GHSA-V9V9-XFFQ-RWR4...
Improper Neutralization of Input During Web Page Generation in html5lib
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the less than character in attribute values...
GHSA-8F6M-GFQ9-G33V Cross-site Scripting in html5lib
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...
Cross-site Scripting in html5lib
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...
mezzanine (>=3.0.0 <=3.0.4) potentially affected by CVE-2016-9910 via html5lib (=0.95.0)
html5lib PYPI version =0.95.0 is affected by a known vulnerability. The following packages have a transitive dependency on html5lib and may be impacted: - mezzanine >=3.0.0, <=3.0.4 Source CVEs: CVE-2016-9910 Source advisory: OSV:GHSA-8F6M-GFQ9-G33V...
Mageia: Security Advisory (MGASA-2017-0001)
The remote host is missing an update for the...
[SECURITY] Fedora 30 Update: rubygem-loofah-2.2.3-4.fc30
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's...
[SECURITY] Fedora 31 Update: rubygem-loofah-2.2.3-4.fc31
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's...
Cangibrina v0.8.7 - A Fast And Powerfull Dashboard (Admin) Finder
Dashboard Finder. Cangibrina is a multi-platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, google, nmap, and robots.txt. Requirements: Python 2.7, mechanize, PySocks, beautifulsoup4, html5lib, Nmap (--nmap), TOR (--tor). Install: Linux git clone...
Cangibrina: A Domain Admin Dashboard Finder!
This is a short post about an open source domain administrative dashboard finder - Cangibrina that is coded in Python. The name Cangibrina is Brazilian for Cachaça in local slang, which is a distilled spirit made from fermented sugarcane juice. What is Cangibrina? Cangibrina is...
Cross-Site Scripting (XSS)
html5lib is vulnerable to cross-site scripting (XSS) attacks because the HTML serializer does not properly handle less-than characters in attribute values...
Cangibrina - A Fast And Powerfull Dashboard (Admin) Finder
Cangibrina is a multi-platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, google, nmap, and robots.txt. Requirements: Python 2.7, mechanize, PySocks, beautifulsoup4, html5lib, Nmap (--nmap), TOR (--tor). Install: Linux git clone http://github.com/fnk0c/cangibrina.git cd...
PYSEC-2017-14
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the less than character in attribute values...