jsondiffpatch Cross-Site Scripting Vulnerability
jsondiffpatch is a software developed by Benjamín Eidelman, designed for differentiating and patching JavaScript object functions. Versions of jsondiffpatch prior to 0.7.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of JSON values and property...
MyBB Cross-Site Scripting Vulnerability
MyBB MyBulletinBoard is a free, web-based forum software developed by the MyBB team using PHP and MySQL. This software features simplicity in use, support for multiple languages, and scalability. MyBB has a cross-site scripting vulnerability; this vulnerability arises from improper cleaning of...
WordPress plugin Code Embed Cross-Site Scripting Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
Comodo Dome Firewall Cross-Site Scripting Vulnerability
Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability arises from improper cleaning of ID parameters input in operations such ...
SPIP Security Vulnerability
SPIP is an open-source software created by SPIP for creating Internet websites. Versions of SPIP prior to 4.4.9 contained a security vulnerability, which was caused by improper cleaning of URLSYNDIC outputs on private joint site pages. This vulnerability could lead to storage-side cross-site...
RLE NOVA PlanManager Cross-Site Scripting Vulnerability
RLE NOVA PlanManager is a planning and scheduling management software developed by the Spanish company RLE NOVA. RLE NOVA PlanManager has a cross-site scripting vulnerability, which stems from improper cleaning of the comment and brand parameters in the index.php file. This vulnerability may lead...
S40 CMS Security Vulnerability
S40 CMS is a content management system by Osirys Personal Developers. A security vulnerability exists in S40 CMS version 0.4.2, which stems from improper cleaning of the parameter p in the index.php page handler, which could lead to a path traversal attack...
The vulnerability of the mptcp_subflow_queue_clean() function in the net/mptcp/subflow.c module of the MPTCP protocol implementation in Linux kernel allows an attacker to cause a service failure.
The vulnerability of the mptcp_subflow_queue_clean function in the net/mptcp/subflow.c module of the MPTCP protocol implementation in the Linux operating system is related to improper cleaning when handling exceptions. Exploiting this vulnerability can allow an attacker to cause service failures...
WordPress Plugin WP STAGING WordPress Backup Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin WP STAGING...
tomcat: improper cleaning of recycled objects could lead to information leak
A flaw was found in Apache Tomcat. Tomcat may skip, after an error, the recycling of the internal objects that the next request/response process might use, resulting in information leaking from one request to the next. This flaw allows a malicious user to have access to this information...
The vulnerability of the web-based management interfaces for Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W microprogramming software VPN routers lies in insufficient cleaning of special elements in the output data used by the incoming component. This allows a malicious actor to execute arbitrary commands.
The vulnerability of the web-based management interfaces for Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W microprogramming systems lies in insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote...
Vulnerabilities of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting device startup data (SIRIUS Soft Starter ES), technological process control systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators SIMATIC IT LMS. These vulnerabilities may allow an intruder to trigger malfunctions during maintenance operations due to improper cleaning or resource release.
The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...
WordPress plugin Flexi Quote Rotator Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
convert-svg Path Traversal Vulnerability
convert-svg is a series of open source software for converting SVG format files to other formats. A security vulnerability exists in versions of convert-svg prior to 0.6.4 that stems from improper cleaning of SVG tags...
The vulnerability of the PowerScale OneFS operating system, related to improper cleaning or release of resources, allows a perpetrator to trigger a service failure.
The vulnerability of the PowerScale OneFS operating system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the SSH server on the Cisco IOS XR operating system allows a hacker to read and rewrite any files they choose.
The vulnerability of the SSH server on the Cisco IOS XR operating system is related to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote attacker to read and rewrite any files as desired...
A vulnerability in the APT software, related to improper cleaning of the redirection field, allows a malicious actor to execute remote code on the target machine.
The vulnerability in the software of apt is related to improper cleaning of the redirecting field 302 in the HTTP method. Exploiting this vulnerability allows a remote attacker to perform content injection MITM and execute code on the target machine...