46 matches found
EUVD-2018-0757
Malware in sbrugna...
EUVD-2021-1366
Malware in sbrugna...
EUVD-2022-1658
Malicious code in bioql PyPI...
EUVD-2022-6875
Malicious code in bioql PyPI...
CVE-2022-38545
Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
CVE-2021-34801
Valine 1.4.14 allows remote attackers to cause a denial of service application outage by supplying a ua aka User-Agent value that only specifies the product and version...
CVE-2020-28847
Cross Site Scripting XSS vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment...
Remote Code Execution
valine is vulnerable to remote code execution. A remote attacker is able to upload and execute malicious code on the system under attack via a crafted POST request...
@gitldy1013/vuepress-theme-ldy (>=1.1.2 <=1.1.3), @next-theme/plugins (>=0.0.2 <=8.1.0) +22 more potentially affected by CVE-2022-38545 via valine (>=1.3.10 <=1.4.4)
valine NPM version =1.3.10, =1.1.2, =0.0.2, =1.0.0, =2.0.0-beta.0, =1.0.11, =0.0.1-alpha.0, =0.0.1, =2.0.0-rc.8, =1.0.0, =1.0.0, =1.0.8-alpha.5, =1.1.2, =1.4.0 - vuepress-theme-learing =0.0.1 and more Source cves: CVE-2022-38545 Source advisory: OSV:GHSA-MCVG-G9WX-V5VX...
Valine code injection vulnerability
Valine was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
GHSA-MCVG-G9WX-V5VX Valine code injection vulnerability
Valine was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
CVE-2022-38545
Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
CVE-2022-38545
Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
CVE-2022-38545
Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
Remote code execution
Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
CVE-2022-38545
Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...
CVE-2022-38545
Valine 1.4.18 contains a remote code execution (RCE) vulnerability that allows an attacker to execute arbitrary code via a crafted POST request. The CVE-2022-38545 entry is rated CRITICAL (CVSS 3.1) with network attack, low attack complexity, no privileges required, and user interaction required;...
Valine 跨站脚本漏洞
Valine is a commenting system. A security vulnerability exists in Valine v1.4.18, which originates from an attacker being able to execute arbitrary code to achieve remote command execution via a crafted POST request...
PT-2022-24449 · Valine · Valine
Name of the Vulnerable Software and Affected Versions: Valine version 1.4.18 Description: The issue allows attackers to execute arbitrary code via a crafted POST request, enabling remote code execution RCE. This can be achieved by sending a specifically designed request to the affected system...
Cross-site Scripting (XSS)
valine is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of the nick parameters via /classes/Comments allowing an attacker to inject and store maliciously crafted script...