16 matches found
EUVD-2019-7850
Malware in sbrugna...
EUVD-2021-30589
Malicious code in bioql PyPI...
CVE-2021-43682
thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $_SERVER['HTTP_HOST']...
CVE-2019-17494
laravel-bjyblog 6.1.1 has XSS via a crafted URL...
CVE-2021-43682
thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $_SERVER['HTTP_HOST']...
Cross site scripting
thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $_SERVER['HTTP_HOST']...
CVE-2021-43682
CVE-2021-43682 affects thinkphp-bjyblog and is caused by an XSS issue in AdminBaseController.class.php due to insufficient input filtering. The exit function can print a message containing $_SERVER['HTTP_HOST'], potentially exposing server information or enabling crafted payloads to reflect data....
CVE-2021-43682
thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. The exit function terminates the script and prints a message to the user that contains $_SERVER['HTTP_HOST']...
Thinkphp-Bjyblog cross-site scripting vulnerability
Thinkphp-Bjyblog is an open source blog based on ThinkPhp developed by Baijunyao, an individual developer in China. A cross-site scripting vulnerability exists in Thinkphp-Bjyblog because the exit function in the product AdminBaseController.class.php file does not effectively filter input data. T...
Cross-Site Scripting (XSS)
baijunyao/laravel-bjyblog is vulnerable to cross-site scripting (XSS). The vulnerability exists as the value of url as used in app/Models/Site.php is not sanitized...
laravel-bjyblog cross-site scripting vulnerability
laravel-bjyblog is an open source personal blog system. A cross-site scripting vulnerability exists in laravel-bjyblog version 6.1.1, which stems from the lack of proper validation of client-side data in the web application and can be exploited by an attacker to execute client-side code...
CVE-2019-17494
laravel-bjyblog 6.1.1 has XSS via a crafted URL...
CVE-2019-17494
laravel-bjyblog 6.1.1 has XSS via a crafted URL...
Design/Logic Flaw
laravel-bjyblog 6.1.1 has XSS via a crafted URL...
CVE-2019-17494
The CVE-2019-17494 entry concerns laravel-bjyblog version 6.1.1, where cross-site scripting (XSS) is possible via a crafted URL. Multiple connected sources confirm the affected component as the Laravel-based blog system (laravel-bjyblog) and point to an XSS vulnerability stemming from insufficien...
CVE-2019-17494
laravel-bjyblog 6.1.1 has XSS via a crafted URL...