8 matches found
CVE-2026-22799 emlog Arbitrary File Upload Vulnerability
Emlog is an open source website building system. emlog v2.6.1 and earlier exposes a REST API endpoint /index.php?rest-api=upload for media file uploads. The endpoint fails to implement proper validation of file types, extensions, and content, allowing authenticated attackers with a valid API key ...
EUVD-2019-6245
Malware in sbrugna...
CVE-2024-27779
An insufficient session expiration vulnerability CWE-613 in FortiSandbox FortiSandbox version 4.4.4 and below, version 4.2.6 and below, 4.0 all versions, 3.2 all versions and FortiIsolator version 2.4 and below, 2.3 all versions, 2.2 all versions, 2.1 all versions, 2.0 all versions, 1.2 all...
CVE-2019-15233
The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...
CVE-2019-15233
The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...
Command injection
The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie...
CVE-2019-15233
CVE-2019-15233 affects the Live:Text Box macro in Old Street Live Input Macros for Confluence, with XSS in versions before 2.11 that can steal an Administrator session cookie. The issue arises from injected JavaScript in a Confluence element, enabling session hijacking when a page containing the ...
WordPress W3 Total Cache Plugin Competitive Conditions Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site.W3 Total Cache is one of the blog optimization plug-ins. A competitive condition vulnerability exists in...