25 matches found
CVE-2026-43532 OpenClaw 2026.4.7 < 2026.4.10 - Sandbox Media Normalization Bypass via Discord Event Cover Image
OpenClaw versions 2026.4.7 before 2026.4.10 fail to normalize Discord event cover image parameters in sandbox media processing. Attackers can bypass media normalization to inject host-local media references into channel action paths expecting normalized media...
EUVD-2005-3863
Malware in sbrugna...
EUVD-2021-10243
Malware in sbrugna...
EUVD-2013-4399
Malware in sbrugna...
EUVD-2022-35059
Malicious code in bioql PyPI...
Car Rental Project Unlimited Upload Vulnerability
Car Rental Project is a car rental program. Car Rental Project has an unlimited upload vulnerability that stems from the lack of proper validation of files uploaded via the parameters img1/img2/img3/img4/img5 in the file /admin/post-avehical.php. No details of the vulnerability are available at thi...
CampCodes Online Shopping Portal Code Issue Vulnerability
CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. A code issue vulnerability exists in CampCodes Online Shopping Portal version 1.0, which stems from improper manipulation of the productimage1/productimage2/productimage3 parameter in file...
CVE-2025-4926
A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/post-avehical.php. The manipulation of the argument img1/img2/img3/img4/img5 leads to unrestricted upload. The attack may be launched...
PHPGurukul Car Rental Project Security Vulnerability
Car Rental Project is a car rental program. Car Rental Project has an unlimited upload vulnerability that stems from the lack of proper validation of files uploaded via the parameters img1/img2/img3/img4/img5 in the file /admin/post-avehical.php. No details of the vulnerability are available at thi...
BIT-JOOMLA-2021-23125 [20210103] - Core - XSS in com_tags image parameters
An issue was discovered in Joomla! 3.1.0 through 3.9.23. The lack of escaping of image-related parameters in multiple com_tags views leads to XSS attack vectors...
CVE-2024-9038
A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. The attac...
The vulnerability of the Lightbox module of the SimpLy Gallery Blocks plugin in the WordPress content management system allows attackers to perform cross-site scripting attacks.
The vulnerability of the Lightbox module of the SimpLy Gallery Blocks plugin in the WordPress content management system is related to the lack of protective measures taken for the website’s structure when processing image parameters. Exploiting this vulnerability could allow a malicious actor to...
CVE-2022-2823
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.27.9 does not sanitise and escape some of its Gallery Image parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallow...
WordPress plugin Slider, Gallery, and Carousel by MetaSlider Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Joomla! cross-site scripting vulnerability (CNVD-2021-03991)
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site scripting vulnerability exists in Joomla! 3.1.0-3.9.23. The...
Open Source Matters Joomla Cross-Site Scripting Vulnerability
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site scripting vulnerability exists in Joomla! 3.1.0-3.9.23. The...
[20210103] - Core - XSS in com_tags image parameters
Lack of escaping of image-related parameters in multiple com_tags views leads to XSS attack vectors...
CVE-2019-1729
A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are accomplished at the root...
[SECURITY] Fedora 27 Update: rawtherapee-5.2-2.fc27
Rawtherapee is a RAW image processing software. It gives full control over many parameters to enhance the raw picture before finally exporting it to some common image format...
The vulnerability of the Cisco IOS operating system, which allows an intruder to trigger a service failure
The vulnerability of the Cisco IOS operating system’s Smart Install client implementation is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure device reboot through the list of image parameters created by the Smart Install...