1097 matches found
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
Design/Logic Flaw
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
MyBB plugin Active Threads 跨站脚本漏洞
MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is easy to use , support for multi-language , scalable and so on. A security vulnerability exists in MyBB plugin Active Threads version 1.3.0, which originates from the date...
CVE-2022-28354
In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period...
PT-2023-12940 · Mybb · Active Threads Plugin
Name of the Vulnerable Software and Affected Versions: Active Threads Plugin version 1.3.0 for MyBB Description: The issue concerns an XSS vulnerability in the date parameter of the activethreads.php file when setting a time period. This allows for potential exploitation. No information is provid...
CVE-2022-28354
CVE-2022-28354 affects the MyBB Active Threads Plugin 1.3.0 and its activethreads.php date parameter, which is vulnerable to cross-site scripting (XSS) when setting a time period. The vulnerability details indicate an XSS flaw in the parameter handling, with CVSSv3.1 base score 6.1 (MEDIUM): Netw...
SilentMoonwalk - PoC Implementation Of A Fully Dynamic Call Stack Spoofer
PoC Implementation of a fully dynamic call stack spoofer TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the...
A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks two threads sharing the same HSTS data could end up doing a double-free or use-after-free.
...
SUSE CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
Double free
A double free vulnerability exists in libcurl 8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread...
CVE-2023-27537
A double free vulnerability exists in libcurl 8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
UBUNTU-CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
Waf-Bypass - Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...
Exploit for OS Command Injection in Netgate Pfblockerng
pfBlockerNG T...
CURL-CVE-2023-27537 HSTS double free
libcurl supports sharing HSTS data between separate "handles". This sharing was introduced without considerations for doing this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks, two threads sharing the same HSTS...