13 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-13756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or...
CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton
Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...
Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors()
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
Remote Code Execution
sabberworm/php-css-parser is vulnerable to remote code execution. Untrusted user input is passed into eval when the functions allSelectors or getSelectorsBySpecificity are called which will lead to arbitrary code execution...
Remote code execution
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
UBUNTU-CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser vulnerability CVE-2020-13756: before 8.3.1, the code calls eval on untrusted data via getSelectorsBySpecificity() or allSelectors(), enabling potential remote code execution. Affected product is Sabberworm PHP CSS Parser (and the php-horde-css-parser bundle). The issue i...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
Sabberworm PHP CSS Code Injection Vulnerability
Exploit for php platform in category web applications Sabberworm PHP CSS parser - Code injection =============================================================================== Identifiers ------------------------------------------------- CVE-2020-13756 CVSSv3 score...
Sabberworm PHP CSS Code Injection
Sabberworm PHP CSS parser - Code injection =============================================================================== Identifiers ------------------------------------------------- CVE-2020-13756 CVSSv3 score ------------------------------------------------- 8.6 -...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2009-3284
CVE-2009-3284 is a directory traversal vulnerability affecting multiple phpspot products: PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot. A remote attacker could read server files via unspecified vectors and cause potential data disclosure. Public referenc...