33 matches found
PT-2023-10831 · Unknown · Vaerys-Dawn Discordsailv2
Name of the Vulnerable Software and Affected Versions: Vaerys-Dawn DiscordSailv2 versions up to 2.10.2 Description: A critical issue was found in the Tag Handler component, leading to improper access controls due to manipulation. This issue affects some unknown functionality of the component...
CVE-2015-10076
A vulnerability was found in dimtion Shaarlier up to 1.2.2. It has been declared as critical. Affected by this vulnerability is the function createTag of the file app/src/main/java/com/dimtion/shaarlier/TagsSource.java of the component Tag Handler. The manipulation leads to sql injection. Upgradi...
CVE-2015-10076
Dimtion Shaarlier versions up to 1.2.2 are affected by a SQL injection in the createTag function (TagsSource.java) of the Tag Handler. The vulnerability root cause is exposed in the code path handling tag creation, with a patch available in version 1.2.3 (patch ID 3d1d9b239d9b3cd87e8bed45a0f02da5...
CVE-2015-10076 dimtion Shaarlier Tag TagsSource.java createTag sql injection
A vulnerability was found in dimtion Shaarlier up to 1.2.2. It has been declared as critical. Affected by this vulnerability is the function createTag of the file app/src/main/java/com/dimtion/shaarlier/TagsSource.java of the component Tag Handler. The manipulation leads to sql injection. Upgradi...
Cross-site Scripting (XSS)
tinymighty/wiki-seo is vulnerable to Cross-Site Scripting XSS. The vulnerability exist in the Meta Property Tag Handler parameter of WikiSEO.body.php due to the lack of validation in the html elements when adding a user which allows an attacker to inject and execute malicious JavaScript...
PT-2023-10255 · Dimtion · Shaarlier
Name of the Vulnerable Software and Affected Versions: dimtion Shaarlier versions up to 1.2.2 Description: A critical issue has been found, affecting the function createTag of the file app/src/main/java/com/dimtion/shaarlier/TagsSource.java in the component Tag Handler. This issue leads to sql...
Shaarli SQL注入漏洞
Shaarli is a suite of website cloning tools. A SQL injection vulnerability exists in Shaarlier prior to version 1.2.2, which stems from the createTag function in the app/src/main/java/com/dimtion/shaarlier/TagsSource.java file of the Tag Handler, which may result in an SQL injection...
tinymighty WikiSEO is vulnerable to cross-site scripting via modifyHTML function
A vulnerability was found in tinymighty WikiSEO 1.2.1. This affects the function modifyHTML of the file WikiSEO.body.php of the component Meta Property Tag Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...
GHSA-84MM-PRJG-49XM tinymighty WikiSEO is vulnerable to cross-site scripting via modifyHTML function
A vulnerability was found in tinymighty WikiSEO 1.2.1. This affects the function modifyHTML of the file WikiSEO.body.php of the component Meta Property Tag Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...
CVE-2015-10073 tinymighty WikiSEO Meta Property Tag WikiSEO.body.php modifyHTML cross site scripting
A vulnerability, which was classified as problematic, was found in tinymighty WikiSEO 1.2.1 on MediaWiki. This affects the function modifyHTML of the file WikiSEO.body.php of the component Meta Property Tag Handler. The manipulation of the argument content leads to cross site scripting. It is...
PT-2022-26951 · Delta Electronics · Delta Electronics Diaenergie
Name of the Vulnerable Software and Affected Versions: Delta Electronics DIAEnergie versions prior to v1.9.02.001 Description: The issue allows an attacker to inject SQL queries via the network. This is related to SQL Injection in HandlerTag KID.ashx. Recommendations: For versions prior to...
Delta Electronics DIAEnergie SQL注入漏洞
Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.Delta Electronics...
Cross-site Scripting (XSS)
Firefox, Firefox ESR and Thunderbird are vulnerable to cross-site scripting XSS attacks. A remote user can bypass inline JavaScript Content Security Policy CSP and cause event handlers on marquee elements to be executed resulting in arbitrary code to execution. The affected component is Marquee T...