50 matches found
PT-2024-15139 · Easyazon · Easyazon
Name of the Vulnerable Software and Affected Versions: EasyAzon – Amazon Associates Affiliate Plugin versions up to, and including, 5.1.0 Description: The issue is related to Reflected Cross-Site Scripting via the easyazon-cloaking-locale parameter due to insufficient input sanitization and outpu...
BIT-DJANGO-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
The vulnerability of the microprogramming software of the TP-Link TL-WPA7510 network adapter lies in the ability to write data beyond the buffer in memory, allowing a hacker to execute arbitrary commands.
The vulnerability of the TP-Link TL-WPA7510 network adapter’s microprogramming software lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the /admin/locale parameter...
SUSE CVE-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
GHSA-QRW5-5H28-6CMG Django denial-of-service vulnerability in internationalized URLs
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
Django denial-of-service vulnerability in internationalized URLs
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
PYSEC-2022-304
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
PYSEC-2022-304
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
CVE-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
CVE-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
CVE-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
CVE-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
UBUNTU-CVE-2022-41323
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression...
PT-2022-7213
Name of the Vulnerable Software and Affected Versions Django versions 3.2 through 3.2.15 Django versions 4.0 through 4.0.7 Django versions 4.1 through 4.1.1 Description The issue is related to insufficient processing of regular expressions in internationalized URLs, which can be exploited to caus...
SITA Software Azur CMS 跨站脚本漏洞
SITA Software Azur CMS is a web CMS. A cross-site scripting vulnerability exists in SITA Software Azur CMS 1.2.3.1 and prior versions, which stems from the software's lack of effective validation and filtering of parameters. This allows a remote attacker to pass 1 NOMCLI, 2 ADRESSE, 3 ADRESSE2, 4...
CVE-2016-1915
Multiple cross-site scripting XSS vulnerabilities in BlackBerry Enterprise Server 12 BES12 Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to 1 mydevice/index.jsp or 2 mydevice/loggedOut.jsp...
CVE-2016-1915
Multiple cross-site scripting XSS vulnerabilities in BlackBerry Enterprise Server 12 BES12 Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to 1 mydevice/index.jsp or 2 mydevice/loggedOut.jsp...
HotelCMS with Booking Engine - SQL injection vulnerability
http://localhost/PATH/locale? locale=SQL the locale parameter there is sql injection Wherein the error injection as follows: payload: http://localhost/PATH/locale? locale=1' AND SELECT 3507 FROMSELECT COUNT,CONCATFLOORRAND02,md5233x FROM INFORMATIONSCHEMA. The PLUGINS GROUP BY xa-- Lilt Test...
BlackBerry Enterprise Service Cross-Site Scripting Vulnerability (CNVD-2016-02632)
BlackBerry Enterprise Service BES is a next-generation mobile device management platform from BlackBerry Canada. A cross-site scripting vulnerability exists in the index.jsp/loggedOut.jsp file in BES version 12.3.1, which can be exploited by a remote attacker to affect confidentiality, integrity...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SilverStripe CMS & Framework before 3.1.16 and 3.2.x before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 Locale or 2 FailedLoginCount parameter to admin/security/EditForm/field/Members/item/new/ItemEditForm...