309 matches found
GHSA-W7W4-QJGG-372X Froxlor contains Static Code Injection
Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10...
Froxlor Cross-Site Scripting Vulnerability
Froxlor is a lightweight server management software from the Froxlor team. A cross-site scripting vulnerability exists in Froxlor versions prior to 2.0.10, which stems from allowing static code injection...
PT-2023-16370 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.10 Description: The issue is related to improper neutralization of input during web page generation, also known as cross-site scripting. This could potentially allow for static code injection. Recommendations: Fo...
phpMyAdmin vulnerable to static code injection
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal...
GHSA-P6H7-29R2-G88F phpMyAdmin vulnerable to static code injection
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal...
GHSA-X28W-HVWC-MP75 Static Code Injection in Microweber
Microweber is a new generation CMS with drag and drop. Prior to version 1.3, Microweber is vulnerable to static code injection...
Static Code Injection in Microweber
Microweber is a new generation CMS with drag and drop. Prior to version 1.3, Microweber is vulnerable to static code injection...
CVE-2022-0895
Static Code Injection in GitHub repository microweber/microweber prior to 1.3...
Code injection
Static Code Injection in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0895
CVE-2022-0895 affects microweber/microweber before version 1.3. Root cause described as static code injection from externally entered data in code snippets, potentially allowing modification of execution flow. Impact is rated HIGH/CRITICAL in sources, with network attack vector and no user intera...
PT-2022-13509 · Unknown · Microweber
Name of the Vulnerable Software and Affected Versions: microweber/microweber versions prior to 1.3 Description: The issue concerns static code injection in the microweber/microweber GitHub repository. Microweber is a content management system (CMS) that features drag and drop functionality...
Static Code Injection
Description The Microweber application allows HTML tags in the "First name", "Last name" and "Phone number" which can be exploited by injecting HTML payloads. Proof of Concept 1. While buying product we need to fill contact information form. 2. Insert your HTML code in code block. e.g., Hurry Up!Go...
Static Code Injection in collectiveaccess/pawtucket2
Description This is with reference to another SSRF report I made https://huntr.dev/bounties/43505ece-7d5e-44b8-a7a3-69bd42d0ad02/ in which the fix was to filter external src from images. Pawtucket2 makes use of the same code as Providence to filter HTML, however it does not include the new fix...
CVE-2009-1285
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...
CVE-2009-1151
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action...
WordPress XCloner Plugin Static Code Injection Vulnerability
WordPress is a blogging platform developed using the PHP language that supports personal blog sites on servers with PHP and MySQL. XCloner is a plugin for backing up and restoring data and databases. A static code injection vulnerability exists in WordPress XCloner that allows remote attackers to...
Code injection
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field for a language, as demonstrated by language/italian.php...
CVE-2015-4338
CVE-2015-4338 affects the WordPress XCloner plugin (version 3.1.2). The vulnerability is a static code injection that lets remote authenticated users inject arbitrary PHP code into language files via the Translation LM_FRONT_* field (demonstrated by language/italian.php). Impact described: potent...
CVE-2015-4338
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field for a language, as demonstrated by language/italian.php...
WordPress XCloner Plugin <= 3.1.2 - Static Code Injection
Because of this vulnerability remote authenticated users can inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field for a language. Solution Update the plugin...