38 matches found
EUVD-2020-17810
Malware in sbrugna...
EUVD-2023-49527
Malicious code in bioql PyPI...
EUVD-2021-31374
Malicious code in bioql PyPI...
SUSE CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
Stored XSS
Description openemr has a feature to customize the "User Manual Link Override" , due to a bad sanitization it allows to put javascript:// scheme which allows to execute javascript code. Proof of Concept 1. login with admin 2. go on Global Settings - Branding 3. Edit User Manual Link Override Fiel...
Grafiki - Threat Hunting Tool About Sysmon And Graphs
Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not debugg...
Schneider Electric Modicon Controllers Use of Insufficiently Random Values (CVE-2019-6821)
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. This plugin only works...
ALPINE-CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
UBUNTU-CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
Cross site scripting
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
CVE-2021-44543
An XSS vulnerability was found in Privoxy which was fixed in cgierrornotemplate by encode the template name when Privoxy is configured to servce the user-manual itself...
PT-2021-24130 · Privoxy +4 · Privoxy +4
Name of the Vulnerable Software and Affected Versions: Privoxy affected versions not specified Description: A cross-site scripting XSS issue was discovered in Privoxy. The problem was addressed by encoding the template name in the cgi error no template function when Privoxy is set to serve the us...
Cloud Connector Connectivity Check Utility
NOTE: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools Deprecated - Jan 21, 2025 The Citrix Cloud Connector Connectivity Check Utility has been replaced by the Connectivity Check tool built into the...
CVE-2020-25119
The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual...
CVE-2020-25119
The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual...
CVE-2020-25119
The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual...