21 matches found
EUVD-1999-1031
Malware in sbrugna...
EUVD-2018-7539
Malware in sbrugna...
EUVD-2011-3167
Malware in sbrugna...
EUVD-2018-9946
Malware in sbrugna...
EUVD-2023-41886
Malicious code in bioql PyPI...
CVE-2024-27731
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file type filtering in the file attachment parameter...
CVE-2024-27731
CVE-2024-27731 is a Cross Site Scripting vulnerability in Friendica v2023.12. The issue stems from the lack of file type filtering in the file attachment parameter, which could allow a remote attacker to obtain sensitive information. The available documents consistently describe the affected soft...
CVE-2024-27731
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file type filtering in the file attachment parameter...
CVE-2020-13239
The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...
UBUNTU-CVE-2020-13239
The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...
PT-2020-13389 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr version 11.0.4. Description: The issue concerns the DMS/ECM module, which renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link, leading to a Cross-Site Scripting (XSS)...
CVE-2011-3203
A Code Execution vulnerability exists in the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2...
Remote code execution
A Code Execution vulnerability exists in the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2...
CVE-2011-3203
A Code Execution vulnerability exists in the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2...
SQL Injection Vulnerability in the Backend of Armitage Website Management System
Jingxun CMS is a website construction and management system by Taizhou Jingxun Information Technology Co. A SQL injection vulnerability exists in the backend of the 2.1 Simplified Chinese version of the Armitage CMS, due to the system not filtering the $attachment parameter. This vulnerability...
DEBIAN-CVE-2011-3201
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email...
CVE-2011-3201
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email...
evolution: mailto URL scheme attachment header improper input validation
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email...
Jcow Social Networking Script 4.2 <= 5.2 Arbitrary Code Execution
Exploit for php platform in category web applications Exploit Title: Jcow CMS 4.x:4.2 Software Link: http://sourceforge.net/projects/jcow/files/jcow4/jcow.4.2.1.zip/download Version: 4.x:4.2 5.6.7.8:34441 at Sat Jun 04 00:00:44 +0000 2011 require 'msf/core' class Metasploit3 'JCow CMS Remote...
CVE-1999-1051
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the replymessageattach attachment parameter...