210 matches found
Cross site scripting in Elefant CMS
A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...
CVE-2017-20060
A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...
Cross site scripting
A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...
CVE-2017-20060 Elefant CMS Blog Post Persistent cross site scriting
A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...
CVE-2017-20060 Elefant CMS Blog Post Persistent cross site scriting
A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...
SakuraPanel 跨站脚本漏洞
SakuraPanel is an open source, Frp-based intranet penetration management panel application. a cross-site scripting vulnerability exists in SakuraPanel, which stems from an exit function in the product/master/core/PostHandler.php file that does not validate data. An attacker could print...
Jupyter Notebook Cross-Site Scripting Vulnerability (CNVD-2019-09602)
Jupyter Notebook is an open source web application that creates and shares documents containing live code, equations, visualizations, and narrative text. A cross-site scripting vulnerability exists in Jupyter Notebook versions prior to 5.7.1, which stems from a failure to set the content security...
Moby NetSuite 1.0/1.2 POST Handler Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6277/info A buffer overflow vulnerability has been reported for Moby NetSuite that may result in a denial of service condition. Reportedly, it is possible to cause NetSuite to crash when a malformed POST request is...
USN-1231-1: PHP Vulnerabilities
Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...
CVE-2011-2202
The rfc1867posthandler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request...