CVE-2024-50577

JetBrains YouTrack is affected prior to version 2024.3.47707. The CVE-2024-50577 issue is described as a stored XSS vulnerability caused by Angular template injection in Hub settings. Impact is cross-site scripting via Hub settings, with overall security values indicating confidentiality/integrit...

CVE-2024-50577

In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings...

PT-2024-7634 · Jetbrains · Youtrack

Name of the Vulnerable Software and Affected Versions: JetBrains YouTrack versions prior to 2024.3.47707 Description: The issue is related to a stored XSS vulnerability via Angular template injection in Hub settings. This could allow an attacker to perform cross-site scripting attacks. The...

Malicious code in dexter-angular-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6bf5598a2ab8cfa28dc285027cc8774d194d3b78d22da1d849cd6ef4d140d28 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10233 Malicious code in dexter-angular-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6bf5598a2ab8cfa28dc285027cc8774d194d3b78d22da1d849cd6ef4d140d28 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Remote Code Execution (RCE)

angular-base64-upload is vulnerable to Remote Code Execution RCE. The vulnerability is due to a lack of proper access controls in demo/server.php, allowing attackers to upload arbitrary content, which can then be executed from demo/uploads...

Malicious code in bundled-angular-compiler (npm)

--- -= Per source details. Do not edit below this line.=-...

K000141459: Angular JS vulnerabilities CVE-2019-14863 and CVE-2022-25869

Security Advisory Description CVE-2019-14863 There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. CVE-2022-2586...

F5 Networks BIG-IP : Angular JS vulnerabilities (K000141459)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the K000141459 advisory. CVE-2019-14863There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping t...

VulnCheck KEV: CVE-2024-42640

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of...

GHSA-VGXQ-6RCF-QWRW angular-base64-upload vulnerable to unauthenticated remote code execution

angular-base64-upload versions prior to v0.1.21 are vulnerable to unauthenticated remote code execution via the angular-base64-upload/demo/server.php endpoint. Exploitation of this vulnerability involves uploading arbitrary file content to the server, which can subsequently accessed through the...

angular-base64-upload vulnerable to unauthenticated remote code execution

angular-base64-upload versions prior to v0.1.21 are vulnerable to unauthenticated remote code execution via the angular-base64-upload/demo/server.php endpoint. Exploitation of this vulnerability involves uploading arbitrary file content to the server, which can subsequently accessed through the...

CVE-2024-42640

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of...

angular-base64-upload 安全漏洞

angular-base64-upload is a library by the individual developers of Adones Pitogo. A security vulnerability exists in angular-base64-upload prior to version 0.1.21, which stems from vulnerability to an unauthenticated remote code execution attack via demo/server.php...

CVE-2024-42640

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of...

CVE-2024-42640

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of...

CVE-2024-42640

CVE-2024-42640 affects the Angular-base64-upload library prior to v0.1.21. The root cause is unauthenticated remote code execution via the demo/server.php endpoint, allowing an attacker to upload arbitrary content that can be accessed at demo/uploads and executed on the server. Affected packages ...

PT-2024-6803 · Unknown · Angular-Base64-Upload

Name of the Vulnerable Software and Affected Versions: angular-base64-upload versions prior to v0.1.21 Description: The issue is related to the angular-base64-upload library, which has a vulnerability that allows an attacker to execute arbitrary code on the server by uploading a specially crafted...

Exploit for CVE-2024-42640

CVE-2024-42640 CVE-2024-42640 Unauthenticated Re...

Malicious code in visa-ui-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd965500f041551c6ece4a137b88df7d7c601228f7e039a8130a8514a48b98e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...