3 matches found
GHSA-JHGP-HVJ6-X2P2 Stored Cross-Site Scripting in tianma-static
All versions of tianma-static are vulnerable to stored cross-site scripting XSS. The vulnerability is exploitable if a user can control the name of a file that is served by tianma-static Recommendation As no fix is available for this vulnerability at this time it is our recommendation to use...
Command injection
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...
CVE-2017-12756
Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile0 parameter...