Lucene search
K

4 matches found

Veracode
Veracode
added 2024/08/16 9:12 a.m.12 views

Cross Site Scripting (XSS)

ibexa/fieldtype-richtext is vulnerable to Cross Site Scripting XSS. The vulnerability is due to insufficient input validation due to a blacklist approach that can be circumvented by using uppercase characters. This allows attackers with content editing permissions to inject malicious scripts into...

7.2CVSS6.1AI score0.00367EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2021/05/06 1:15 p.m.14 views

Code injection

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 did not properly check for imported files, forbidding certain extension via a blacklist approach, allowing administrator to import an archive with a .php4 inside for example, leading to RCE...

6.5CVSS6.9AI score0.01583EPSS
Exploits2References1Affected Software1
Veracode
Veracode
added 2017/12/01 7:13 a.m.11 views

Cross-Site Scripting (XSS)

sentry is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to the usage of a blacklist approach instead of a whitelist approach. It is possible for an adversary to create links which can cause JavaScript code to be executed...

6.2AI score
Exploits0
0day.today
0day.today
added 2014/04/30 12:0 a.m.38 views

Lavarel-Security XSS Filter Bypass Vulnerability

Lavarel-Security cross site scripting filter suffers from a bypass vulnerability. Product: Lavarel-Security XSS Filter Bypass Vulnerability: Mutation Based XSS Bypass Impact: Medium/High Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com Status: Fixed ========= Description...

6.8AI score
Exploits0
Rows per page
Query Builder