3656 matches found

Positive Technologies
added 2024/11/26 12:0 a.m. · 6 views

PT-2024-35795 · Spip · Spip

Name of the Vulnerable Software and Affected Versions: SPIP version 4.3.3 Description: A cross-site scripting XSS vulnerability in the Article module of SPIP allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter. This...

CVSS 4.8 · AI score 5.4 · EPSS 0.00364
Exploits: 1 · References: 9
Debian CVE
added 2024/11/26 12:0 a.m. · 8 views

CVE-2024-53620

Removed by vendor...

CVSS 4.8 · AI score 6.7 · EPSS 0.00364
Exploits: 1
Gitee
added 2024/11/24 5:32 p.m. · 80 views

cve_article

No description provided...

AI score 7
Exploits: 0
OSV
added 2024/11/08 7:15 p.m. · 1 views

CVE-2024-50810

hopetree izone lts c011b48 contains a Cross Site Scripting XSS vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView does not securely filter user input and renders it directly to the frontend page through templates...

CVSS 5.4 · AI score 5.8 · EPSS 0.00218
Exploits: 0 · References: 1
CVE
added 2024/11/08 12:0 a.m. · 34 views

CVE-2024-50810

CVE-2024-50810 affects hopetree izone lts (version c011b48). The vulnerability is a Cross Site Scripting (XSS) in the article comment function, caused by AddCommintView() not properly filtering user input and rendering it directly via templates in apps/comment/views.py. This can allow attacker-co...

CVSS 5.4 · AI score 5.9 · EPSS 0.00218
Exploits: 0 · References: 1
Positive Technologies
added 2024/11/08 12:0 a.m. · 2 views

PT-2024-34419 · Unknown · Hopetree Izone Lts

Name of the Vulnerable Software and Affected Versions: hopetree izone lts version c011b48 Description: The issue is related to a Cross Site Scripting XSS vulnerability in the article comment function. Specifically, the AddCommintView function in appscommentviews.py does not securely filter user...

CVSS 5.4 · AI score 5.6 · EPSS 0.00218
Exploits: 0 · References: 6
OSV
added 2024/10/29 1:15 a.m. · 1 views

CVE-2024-10478

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /adminarticle/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated...

CVSS 5.4 · AI score 3.8 · EPSS 0.0028
Exploits: 1 · References: 3
Cvelist
added 2024/10/29 12:31 a.m. · 16 views

CVE-2024-10478 LinZhaoguan pb-cms Edit Article edit cross site scripting

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /adminarticle/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated...

CVSS 5.1 · EPSS 0.0028
Exploits: 1 · References: 3
CVE
added 2024/10/29 12:31 a.m. · 45 views

CVE-2024-10478

CVE-2024-10478 affects LinZhaoguan pb-cms up to version 2.0.1. The issue resides in the Edit Article Handler, specifically in processing the file path /admin#article/edit?id=2, enabling cross-site scripting. Exploitation is possible remotely and has been publicly disclosed. Connected sources prov...

CVSS 5.4 · AI score 3.4 · EPSS 0.0028
Exploits: 1 · References: 3 · Affected Software: 1
Vulnrichment
added 2024/10/29 12:31 a.m. · 10 views

CVE-2024-10478 LinZhaoguan pb-cms Edit Article edit cross site scripting

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file /adminarticle/edit?id=2 of the component Edit Article Handler. The manipulation leads to cross site scripting. The attack may be initiated...

CVSS 5.1 · AI score 6.2 · EPSS 0.0028
Exploits: 1 · References: 3
CNNVD
added 2024/10/29 12:0 a.m. · 2 views

pb-cms cross-site scripting vulnerability

pb-cms waterfall content management system is a content management system by LinZhaoguan personal developer. A cross-site scripting vulnerability exists in versions prior to pb-cms 2.0.1, which originates from the file /adminarticle/edit?id=2 of the component Edit Article Handler that can lead to...

CVSS 5.4 · AI score 3.8 · EPSS 0.0028
Exploits: 1 · References: 3
Cvelist
added 2024/10/28 12:0 a.m. · 13 views

CVE-2024-48177

MRCMS 3.1.2 contains a SQL injection vulnerability via the RID parameter in /admin/article/delete.do...

EPSS 0.00416
Exploits: 1 · References: 1
CNNVD
added 2024/10/28 12:0 a.m. · 1 views

MRCMS security vulnerability

MRCMS is a content management system by the individual developer of marker. A security vulnerability exists in MRCMS version 3.1.2: the RID parameter in /admin/article/delete.do contains a SQL injection vulnerability...

CVSS 8.8 · AI score 7.8 · EPSS 0.00416
Exploits: 1 · References: 1
Japan Vulnerability Notes
added 2024/10/25 6:7 a.m. · 3 views

Multiple vulnerabilities in baserCMS

Overview baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit CWE-79 - CVE-2024-46996 Stored cross-site scripting vulnerability on Edit Email Form Settings CWE-79 ...

CVSS 7.1 · AI score 5.9 · EPSS 0.00328
Exploits: 0 · References: 8
Japan Vulnerability Notes
added 2024/10/25 12:0 a.m. · 38 views

JVN#00876083: Multiple vulnerabilities in baserCMS

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability due to inappropriate Slug handling on Article Edit CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2024-46996 Stored cross-site scripting...

CVSS 7.1 · AI score 6.3 · EPSS 0.00328
Exploits: 0
Snyk
added 2024/10/24 7:40 p.m. · 1 views

Cross-site Scripting (XSS)

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper handling of slugs on the article editing screen. An attacker can manipulate the output of the page by injecting malicious...

CVSS 7 · AI score 5.3 · EPSS 0.00303
Exploits: 0 · References: 2
Microsoft Security Update
added 2024/10/08 5:0 p.m. · 13 views

Azure File Sync Agent v19.1 Release – August 2024 (KB5040924)

Update Rollup for Azure File Sync agent version 19.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

AI score 7.3
Exploits: 0
Microsoft Security Update
added 2024/10/08 5:0 p.m. · 40 views

2024-10 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 for x64 (KB5044089)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

AI score 7.2
Exploits: 0
Microsoft Security Update
added 2024/10/08 5:0 p.m. · 11 views

2024-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 (KB5044095)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

AI score 7.2
Exploits: 0
OSSF Malicious Packages
added 2024/10/06 11:51 a.m. · 4 views

Malicious code in instaread (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 792748013463fb0303ff6033b47dcb48c23dc944d5075a8859b6997eafd47a56 The file bc2556d1c1ea2a2d00.js contains an AdWare LNKR, this file is included in readarticle.html template and effectively used when the user requests to see t...

AI score 7
Exploits: 0 · References: 2