Lucene search
+L

167 matches found

GithubExploit
GithubExploit
added 2024/09/06 6:11 a.m.117 views

Exploit for Cross-site Scripting in Goanother Another_Redis_Desktop_Manager

Another Redis Desktop Manager PoC A Proof-Of-Concept for CVE-2...

9.6CVSS9.9AI score0.00711EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.5 views

PT-2024-24179 · Mintplex · Mintplex-Labs/Anything-Llm

Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm versions 1.2.0 through 1.4.1 mintplex-labs/anything-llm web application affected versions not specified Description: A Cross-Site Scripting XSS vulnerability exists in the application, affecting both the desktop and...

9.6CVSS4.8AI score0.00962EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.7 views

PT-2022-26038 · Unknown · Markdownify

Name of the Vulnerable Software and Affected Versions: Markdownify version 1.4.1 Description: The issue allows an external attacker to execute arbitrary code remotely on any client attempting to view a malicious markdown file through Markdownify. This is possible because the application has the...

7.8CVSS7.8AI score0.00426EPSS
Exploits1References5
GithubExploit
GithubExploit
added 2022/07/16 3:55 p.m.6 views

Exploit for CVE-2022-30507

Description remote code execution RCE by executing javascr...

9.9AI score
Exploits2
GithubExploit
GithubExploit
added 2022/07/16 3:55 p.m.2 views

Exploit for CVE-2022-30507

Description remote code execution RCE by executing javascr...

9.9AI score
Exploits2
OSV
OSV
added 2022/06/20 8:24 p.m.7 views

MAL-2022-6221 Malicious code in sovryn-node-integration-tests (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0d8a316d21d24dc79e10223d3c0b2e58efb32ba31dc62b9d09efedcc39a14d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/20 12:15 p.m.9 views

CVE-2022-25224

Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. When the victim clicks the link, the application opens the site in the current frame allowing an attacker to host JavaScript code in the malicious link in order to trigger an XSS attack. The 'nodeIntegration'...

5.4CVSS6.1AI score0.00696EPSS
Exploits1References2
OSV
OSV
added 2022/05/17 2:14 a.m.5 views

GHSA-7FV9-M79R-J9X8 Electron vulnerable to remote command execution

Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. This also affects all applications that bundle Electron code equivalent to 1.6.8 or earlier. Bypassing the Same Origin Policy SOP is a precondition; however, recent Electron versions do not ha...

8.1CVSS6.3AI score0.06693EPSS
Exploits1References5
OSV
OSV
added 2022/05/14 3:49 a.m.12 views

GHSA-JR64-PGGR-J8XJ Shiba vulnerable to XSS leading to code execution

Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration...

6.1CVSS6.3AI score0.01108EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/14 3:49 a.m.19 views

Shiba vulnerable to XSS leading to code execution

Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration...

6.1CVSS6.3AI score0.01108EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2021/01/01 12:0 a.m.9 views

Zonetti Zonote 跨站脚本漏洞

Zonetti Zonote is Zonetti individual developers of a Javascript-based language development for the provision of Markdown format note-taking capabilities . A cross-site scripting vulnerability exists in zonote version 0.4.0 and prior versions, which allows remote code execution as the node...

9CVSS7.7AI score0.03755EPSS
Exploits1References5
NVD
NVD
added 2020/09/30 6:15 p.m.34 views

CVE-2020-26158

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...

9.6CVSS0.01913EPSS
Exploits0References1
NVD
NVD
added 2020/09/30 6:15 p.m.33 views

CVE-2020-26157

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...

9.6CVSS0.01913EPSS
Exploits0References1
OSV
OSV
added 2020/09/30 6:15 p.m.4 views

CVE-2020-26157

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...

9.6CVSS7.8AI score0.01913EPSS
Exploits0References1
OSV
OSV
added 2020/09/30 6:15 p.m.6 views

CVE-2020-26158

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...

9.6CVSS6.3AI score0.01913EPSS
Exploits0References1
Prion
Prion
added 2020/09/30 6:15 p.m.13 views

Design/Logic Flaw

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...

6.8CVSS9.2AI score0.01913EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/09/30 6:15 p.m.22 views

Design/Logic Flaw

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...

6.8CVSS9.1AI score0.01913EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/30 3:35 a.m.40 views

CVE-2020-26157

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration...

9.4AI score0.01913EPSS
Exploits0References1
CVE
CVE
added 2020/09/30 3:35 a.m.43 views

CVE-2020-26157

CVE-2020-26157 affects Leanote Desktop up to version 2.6.2. The root cause is a mishandled note title during syncing that enables cross-site scripting (XSS). This vulnerability is described as leading to remote code execution due to Node integration. The available documents do not specify a concr...

9.6CVSS9.2AI score0.01913EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/30 3:35 a.m.28 views

CVE-2020-26158

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration...

9.4AI score0.01913EPSS
Exploits0References1
Rows per page
Query Builder