Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-13756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or...

9.8CVSS8.4AI score0.55084EPSS
Exploits4References2
Vulnrichment
Vulnrichment
added 2023/08/18 9:47 p.m.11 views

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

7.5CVSS7.6AI score0.00535EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/03/26 12:15 a.m.42 views

Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors()

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8CVSS9.6AI score0.55084EPSS
Exploits4References9Affected Software1
Veracode
Veracode
added 2020/06/04 5:19 a.m.25 views

Remote Code Execution

sabberworm/php-css-parser is vulnerable to remote code execution. Untrusted user input is passed into eval when the functions allSelectors or getSelectorsBySpecificity are called which will lead to arbitrary code execution...

9.8CVSS6AI score0.55084EPSS
Exploits4References6Affected Software1
Prion
Prion
added 2020/06/03 2:15 p.m.19 views

Remote code execution

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

7.5CVSS9.8AI score0.55084EPSS
Exploits4References4Affected Software1
OSV
OSV
added 2020/06/03 2:15 p.m.2 views

UBUNTU-CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8CVSS6.4AI score0.55084EPSS
Exploits4References4
Cvelist
Cvelist
added 2020/06/03 1:46 p.m.42 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.9AI score0.55084EPSS
Exploits4References4
CVE
CVE
added 2020/06/03 1:46 p.m.247 views

CVE-2020-13756

Sabberworm PHP CSS Parser vulnerability CVE-2020-13756: before 8.3.1, the code calls eval on untrusted data via getSelectorsBySpecificity() or allSelectors(), enabling potential remote code execution. Affected product is Sabberworm PHP CSS Parser (and the php-horde-css-parser bundle). The issue i...

9.8CVSS9.7AI score0.55084EPSS
In wildExploits4References5Affected Software1
Debian CVE
Debian CVE
added 2020/06/03 1:46 p.m.6 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8CVSS9.9AI score0.55084EPSS
Exploits4
0day.today
0day.today
added 2020/06/03 12:0 a.m.148 views

Sabberworm PHP CSS Code Injection Vulnerability

Exploit for php platform in category web applications Sabberworm PHP CSS parser - Code injection =============================================================================== Identifiers ------------------------------------------------- CVE-2020-13756 CVSSv3 score...

7.5CVSS0.3AI score0.55084EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/06/03 12:0 a.m.239 views

Sabberworm PHP CSS Code Injection

Sabberworm PHP CSS parser - Code injection =============================================================================== Identifiers ------------------------------------------------- CVE-2020-13756 CVSSv3 score ------------------------------------------------- 8.6 -...

0.4AI score0.55084EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2020/06/03 12:0 a.m.99 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

9.8CVSS5.8AI score0.55084EPSS
In wildExploits4References5
CVE
CVE
added 2009/09/22 10:0 a.m.47 views

CVE-2009-3284

CVE-2009-3284 is a directory traversal vulnerability affecting multiple phpspot products: PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot. A remote attacker could read server files via unspecified vectors and cause potential data disclosure. Public referenc...

5CVSS6.8AI score0.01505EPSS
Exploits0References4Affected Software6
Rows per page
Query Builder