2 matches found
Cross-site Scripting (XSS)
Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the UploadFileRequest process, which fails to properly sanitize SVG content unless PHP finfo reports image/svg+xml, and the...
Monstra CMS Remote Code Execution Vulnerability
Monstra CMS is a lightweight PHP-based content management system CMS developed by Ukrainian software developer Sergey Romanenko. The system is easy to install and use, scalable and so on. A security vulnerability exists in Monstra CMS version 3.0.4. The vulnerability can be exploited by a remote...