8 matches found
Evolver 安全漏洞
Evolver is an intelligent agent-based self-evolution tool developed by EvoMap. Versions of Evolver prior to 1.69.3 contained security vulnerabilities. These vulnerabilities were caused by a prototype contamination issue in the email storage module, which could allow attackers to modify the behavi...
EUVD-2024-27742
Malicious code in bioql PyPI...
EUVD-2023-32972
Malicious code in bioql PyPI...
CVE-2024-8628
The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-meta' shortcode in all versions up to, and including, 1.2.70.3 due to insufficient input sanitization and output escaping o...
CVE-2023-30838
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, the ValidateCore::isCleanHTML method of Prestashop misses hijackable events which can lead to cross-site scripting XSS injection, allowed by the presence of pre-setup @keyframes methods. This XSS, which...
CVE-2023-29400
Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...
Code injection
Templates containing actions in unquoted HTML attributes e.g. "attr=." executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags...
Prototype Pollution
decal is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...