DEBIAN-CVE-2025-1936

jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension...

CVE-2025-1936

jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension...

CVE-2021-40813

A cross-site scripting XSS vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames...

Cross site scripting

A cross-site scripting XSS vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames...

CVE-2021-40813

CVE-2021-40813 documents a cross-site scripting (XSS) vulnerability in the Zip Content feature of Element-IT HTTP Commander 3.1.9. The issue allows remote authenticated users to inject arbitrary web script or HTML via filenames. Affected software: Element-IT HTTP Commander 3.1.9; vulnerable compo...

CVE-2021-40813

A cross-site scripting XSS vulnerability in the "Zip content" feature in Element-IT HTTP Commander 3.1.9 allows remote authenticated users to inject arbitrary web script or HTML via filenames...

Element-IT HTTP Commander 跨站脚本漏洞

Element-IT HTTP Commander is a server-hosted, web-based file management solution from Element-IT Germany. It provides basic functionality for working with files creating, copying, deleting, etc. and many other additional features, such as integration with cloud services, online editing of Office...

HTTP Commander 3.1.9 Cross Site Scripting

Exploit Title: HTTP Commander 3.1.9 - Stored Cross Site Scripting XSS Date: 07/01/2022 Exploit Author: Oscar Sandén Vendor Homepage: https://www.element-it.com Software Link: https://www.element-it.com/downloads.aspx Version: 3.1.9 Tested on: Windows Server 2016 Description There is a stored XSS ...

HTTP Commander 3.1.9 - Stored Cross Site Scripting Vulnerability

Exploit Title: HTTP Commander 3.1.9 - Stored Cross Site Scripting XSS Exploit Author: Oscar Sandén Vendor Homepage: https://www.element-it.com Software Link: https://www.element-it.com/downloads.aspx Version: 3.1.9 Tested on: Windows Server 2016 Description There is a stored XSS in the 'Zip...

CVE-2016-1438

Cisco AsyncOS 9.7.0-125 on Email Security Appliance ESA devices allows remote attackers to bypass intended spam filtering via crafted executable content in a ZIP archive, aka Bug ID CSCuy39210...