27 matches found
Ivanti Service Manager 跨站脚本漏洞
Ivanti Service Manager is a service manager from Ivanti USA, Inc. that helps organizations meet today's regulatory and technical demands for service delivery automation workflows. A cross-site scripting vulnerability exists in Ivanti Service Manager 2021.1 that allows reflection of cross-site...
KB5001412: Setup Dynamic Update for Windows 10, version 2004 and 20H2: April 27, 2021
None None...
xxl-job cross-site scripting vulnerability
xxl-job is a distributed task scheduling platform with core design goals of rapid development, simple learning, lightweight, and easy scalability. xxl-job 2.2.0 suffers from a cross-site scripting vulnerability that can be exploited to inject arbitrary Web script or HTML via the AppName and...
CVE-2020-23814
Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...
PT-2020-15584
Name of the Vulnerable Software and Affected Versions: xxl-job version 2.2.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the AppName and AddressList parameters in the...
Easytalk任意文件包含漏洞
简要描述: 过滤不严。 详细说明: 在appaction.class.php中 public function index parent::tologin; $appname=trim$this-get'appname'; $action=$this-get'action';//直接调用方法 $out=urldecode$GET'out'; //是否开启应用 $app=M'Plugins'-where"directory='$appname' AND available=1"-find; $this-assign'app',$app; if !$app...
Update protection against LEADTOOLS Raster Twain LtocxTwainu.dll Buffer Overflow
A buffer overflow vulnerability exists in LEADTOOLS Raster Twain ActiveX control. LEADTOOLS Imaging SDK provides tools for adding advanced imaging features to various applications. The vulnerability is due to a boundary error while parsing the "AppName" parameter of the affected ActiveX control...