EUVD-2023-44423

Malicious code in bioql PyPI...

EUVD-2022-49830

Malicious code in bioql PyPI...

Malicious code in @legalzoom/assets-manager (npm)

The package @legalzoom/assets-manager was found to contain malicious code...

MAL-2025-8422 Malicious code in @legalzoom/assets-manager (npm)

The package @legalzoom/assets-manager was found to contain malicious code...

CVE-2023-3790

A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit ha...

CVE-2022-47053

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...

Cross-site Scripting (XSS)

cockpit-hq/cockpit is vulnerable to Stored Cross-site Scripting XSS. The vulnerability exists because xhtml files are not restricted which allows an attacker to upload a xhtml files in the assets manager, resulting in XSS when viewed...

Boom CMS Cross-Site Scripting Vulnerability

Boom CMS is a website builder from Boom CMS in the UK. Boom CMS version 8.0.7 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data in the title/description parameter of the assets-manager component, which can be...

Boom CMS v8.0.7 - Cross Site Scripting Vulnerability

Exploit Title: Boom CMS v8.0.7 - Cross Site Scripting Product & Service Introduction: =============================== Boom is a fully featured, easy to use CMS. More than 10 years, and many versions later, Boom is an intuitive, WYSIWYG CMS that makes life easy for content editors and website...

CVE-2023-3790

A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit ha...

Cross site scripting

A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit ha...

CVE-2023-3790 Boom CMS assets-manager add cross site scripting

A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit ha...

Boom CMS 跨站脚本漏洞

Boom CMS is a website builder from Boom CMS in the UK. Boom CMS version 8.0.7 suffers from a cross-site scripting vulnerability, which stems from the lack of effective filtering and escaping of user-supplied data in the title/description parameter of the assets-manager component, which can be...

PT-2023-26169 · Boom Cms · Boom Cms

Name of the Vulnerable Software and Affected Versions: Boom CMS version 8.0.7 Description: A vulnerability has been found in the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely...

Boom CMS v8.0.7 - Cross Site Scripting

Exploit Title: Boom CMS v8.0.7 - Cross Site Scripting References Source: https://www.vulnerability-lab.com/getcontent.php?id=2274 Release Date: 2023-07-03 Vulnerability Laboratory ID VL-ID: 2274 Product & Service Introduction: =============================== Boom is a fully featured, easy to use...

CVE-2022-47053

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...

CVE-2022-47053

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...

Privilege escalation

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...

CVE-2022-47053

Summary: CVE-2022-47053 affects DNN (DotNetNuke) Digital Assets Manager, across DotNetNuke v7.0.0 through v9.10.2, enabling arbitrary code execution via a crafted SVG file through an arbitrary file upload vulnerability. The available connected documents consistently describe the vulnerability cla...

CVE-2022-47053

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...