118 matches found
CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...
CVE-2023-46134
CVE-2023-46134 concerns D-Tale, a Flask back-end + React front-end tool for Pandas data. The vulnerability arises from the Custom Filter input, enabling remote code execution when D-Tale is hosted publicly and the input is not properly restricted. The issue was patched in version 3.7.0 by turning...
GHSA-JQ6C-R9XF-QXJM dtale vulnerable to Remote Code Execution through the Custom Filter Input
Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Patches Users should upgrade to version 3.7.0 where the "Custom Filter" input is turned off by default. You can find out more information on how to turn it back ...
PT-2023-29867 · D-Tale · D-Tale
Name of the Vulnerable Software and Affected Versions: D-Tale versions prior to 3.7.0 Description: The issue allows remote code execution, enabling attackers to run malicious code on the server. This is particularly concerning for users hosting D-Tale publicly. The estimated number of potentially...
D-Tale Security Breach
Man Group D-Tale is a pandas data structure visualization tool from Man Group. A security vulnerability exists in D-Tale versions prior to 3.7.0 that stems from a possible vulnerability to remote code execution attacks, which could allow an attacker to run malicious code on the server...
Tale blog has a file read vulnerability
Tale blog is a Java development blog system. Tale blog has a file read vulnerability that can be exploited by attackers to obtain sensitive information...
A Brief History of Vanity License Plates Gone Wrong
The stories might sound unbelievable, but they’re all real—and a cautionary tale for anyone who wants to get clever at the DMV...
Backend Login Bypass Vulnerability in Tale Blog System
Tale blog system is a Java development blog system. A backend login bypass vulnerability exists in Tale Blog System. An attacker can exploit this vulnerability to construct a cookie to log into any account...
Moderate: Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update
An update is now available for CloudForms Management Engine 5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
tale-of-tales.com XSS vulnerability
Open Bug Bounty ID: OBB-552954

Description | Value
---|---
Affected Website: | tale-of-tales.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
Christmas Tale - WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Christmas Tale published at the 'play' market has multiple vulnerabilities...
Color Tale: Game for Kids - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Color Tale: Game for Kids published at the 'play' market has multiple vulnerabilities...
HC Andersen Tale Run - Native code usage, SD-card access, Suspicious files vulnerabilities
HackApp vulnerability scanner discovered that application HC Andersen Tale Run published at the 'play' market has multiple vulnerabilities...
Northern Tale 2 (Freemium) - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Northern Tale 2 Freemium published at the 'play' market has multiple vulnerabilities...
Tale Seeker - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Tale Seeker published at the 'play' market has multiple vulnerabilities...
Tasty Tale:puzzle cooking game - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Tasty Tale:puzzle cooking game published at the 'play' market has multiple vulnerabilities...