EUVD-2024-48282

Malicious code in bioql PyPI...

EUVD-2024-48281

Malicious code in bioql PyPI...

CVE-2024-7343

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source leads to cross site scripting. The attack can be initiated remotely...

CVE-2024-7342

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack...

CVE-2024-7343

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source leads to cross site scripting. The attack can be initiated remotely...

CVE-2024-7342

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the atta...

CVE-2024-7343

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source leads to cross site scripting. The attack can be initiated remotely...

CVE-2024-7342

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the atta...

CVE-2024-7343 Baidu UEditor cross site scripting

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source leads to cross site scripting. The attack can be initiated remotely...

CVE-2024-7343 Baidu UEditor cross site scripting

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source leads to cross site scripting. The attack can be initiated remotely...

CVE-2024-7343

Baidu UEditor 1.4.2 is affected. The vulnerability is in /ueditor142/php/controller.php?action=catchimage, where manipulating the argument source[] enables cross-site scripting. Attack can be performed remotely and the exploit has been disclosed publicly. The issue is documented across CVE-2024-7...

CVE-2024-7342 Baidu UEditor unrestricted upload

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the atta...

CVE-2024-7342 Baidu UEditor unrestricted upload

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the atta...

CVE-2024-7342

Baidu UEditor 1.4.3.3 contains an unrestricted upload vulnerability in the endpoint /ueditor/php/controller.php?action=uploadfile&encode=utf-8, triggered by manipulating the upfile parameter. The issue enables remote initiation and has publicly disclosed exploits; multiple sources corroborate the...

PT-2024-38276 · Baidu · Baidu Ueditor

Name of the Vulnerable Software and Affected Versions: Baidu UEditor version 1.4.3.3 Description: A vulnerability was found in Baidu UEditor, affecting an unknown part of the file "/ueditor/php/controller.php?action=uploadfile&encode=utf-8". The manipulation of the upfile argument leads to...

Baidu UEditor 代码问题漏洞

Baidu UEditor is a WYSIWYG rich text web editor from the Chinese company Baidu. A code issue vulnerability exists in Baidu UEditor version 1.4.3.3, which stems from the operation of the parameter upfile that can lead to unrestricted uploads...

Baidu UEditor 跨站脚本漏洞

Baidu UEditor is a WYSIWYG rich text web editor from the Chinese company Baidu. A cross-site scripting vulnerability exists in Baidu UEditor 1.4.2, which stems from a manipulation of the parameter source that can lead to cross-site scripting attacks...

Baidu UEditor suffers from unauthorized access vulnerability

UEditor is a web editor developed by Baidu web front-end research and development department. An unauthorized access vulnerability exists in Baidu UEditor. An attacker can exploit the vulnerability to log in to the system without an account password and perform unauthorized operations...

Baidu UEditor Cross-Site Scripting Vulnerability

Baidu UEditor is China's Baidu Baidu company's set of open source HTML editor . A cross-site scripting vulnerability exists in Baidu UEditor version 1.4.3.3. A remote attacker can leverage the SRC attribute of the IFRAME element to inject arbitrary web script or HTML...

Baidu UEditor suffers from cross-site scripting vulnerability

UEditor is a web editor developed by Baidu web front-end research and development department. A cross-site scripting vulnerability exists in Baidu UEditor. The program fails to filter user-supplied input, allowing attackers to construct malicious web pages and trick users into parsing and executi...