8 matches found
CVE-2023-46448
Reflected Cross-Site Scripting XSS vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images...
CVE-2023-46448
Reflected Cross-Site Scripting XSS vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images...
CVE-2023-46448
Reflected Cross-Site Scripting XSS vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images...
Mejiro Security Breach
Mejiro is an easy-to-use PHP web application by Dmitri Popov, a personal developer. It is used for instant photo publishing. A security vulnerability exists in versions prior to Mejiro 3096393, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows an...
PT-2023-30027 · Unknown · Dmpop Mejiro
Name of the Vulnerable Software and Affected Versions: dmpop Mejiro versions prior to 3096393 Description: The issue is a Reflected Cross-Site Scripting XSS vulnerability that allows attackers to run arbitrary code via a crafted string in the metadata of uploaded images. This can be exploited by...
CVE-2023-46448
CVE-2023-46448 affects dmpop Mejiro Commit prior to 3096393. The issue is a Reflected Cross‑Site Scripting (XSS) vulnerability in which a crafted string in the metadata of uploaded images can be used to run arbitrary code. This is a potentially remote code execution path if exploited. The documen...
CVE-2023-46448
Reflected Cross-Site Scripting XSS vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images...
Cross-site Scripting (XSS) - Reflected in dmpop/mejiro
Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...