
1083 matches found

OSV
added 2023/07/20 7:15 p.m., 3 views

CVE-2023-37164

Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...

6.1 CVSS, 5.7 AI score
Exploits: 0, References: 1
CNNVD
added 2023/07/20 12:0 a.m., 1 view

Diafan CMS cross-site scripting vulnerability

Diafan CMS is a website builder from Diafan. It is used to create online stores. A cross-site scripting vulnerability exists in Diafan CMS v6.0, which originates from the lack of effective filtering and escaping of user-supplied data in the catid parameter of /shop/?module=shop&action=search, whi...

6.1 CVSS, 6.2 AI score, 0.00445 EPSS
Exploits: 1, References: 2
Patchstack
added 2023/07/19 12:0 a.m., 3 views

WordPress Quiz Cat Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software: Quiz Cat; Type: Plugin; Vulnerable versions: <= 1.1.1; Fixed in: 1.2.0; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: High; CVSS severity: High (7.1); PSID: 067050a23a59; Credits: Rafie Muhammad (Patchstack); Required privileg...

6.1 AI score
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added 2023/07/06 12:0 a.m., 2 views

PT-2023-25200 · Thinutech · Thinucms

Name of the Vulnerable Software and Affected Versions: ThinuTech ThinuCMS version 1.5 Description: A critical issue affects some unknown functionality of the file /category.php. The manipulation of the cat id argument leads to sql injection. The attack may be launched remotely. Recommendations: F...

9.8 CVSS, 7.6 AI score, 0.00059 EPSS
Exploits: 0, References: 4
Openbugbounty
added 2023/06/29 2:39 p.m., 6 views

ciclobcn21.cat Cross Site Scripting vulnerability OBB-3476369

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits: 0
Malwarebytes
added 2023/06/26 1:0 a.m., 9 views

A week in security (June 19 - 25)

Last week on Malwarebytes Labs: Microsoft Azure AD flaw can lead to account takeover; 5 facts to know about the Royal ransomware gang; Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023; UPS warns customers of phishing attempts after data accessed; 6 tips for a cybersecure honeymo...

6.7 AI score
Exploits: 0
Openbugbounty
added 2023/05/05 9:23 p.m., 9 views

cat-n-around.com Cross Site Scripting vulnerability OBB-3297590

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits: 0
Openbugbounty
added 2023/04/10 3:46 a.m., 10 views

arcticcat.eu Cross Site Scripting vulnerability OBB-3256422

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9 AI score
Exploits: 0
Hacker One
added 2023/04/09 1:21 p.m., 5 views

Ruby: heap-buffer-overflow in gc_writebarrier_incremental

Vulnerability description not provided...

7.1 AI score
Exploits: 0
SUSE CVE
added 2023/02/15 4:57 a.m., 2 views

SUSE CVE-2016-8569

The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file...

5.5 CVSS, 6.9 AI score, 0.00492 EPSS
Exploits: 0, References: 6
SUSE CVE
added 2023/02/15 4:4 a.m., 1 view

SUSE CVE-2019-1010065

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfs_cat_traverse in lines: 952, 1062. The attack...

6.5 CVSS, 6.8 AI score, 0.01155 EPSS
Exploits: 0, References: 3
OSV
added 2023/02/03 6:15 p.m., 2 views

CVE-2021-36503

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

9.8 CVSS, 6 AI score, 0.00478 EPSS
Exploits: 1, References: 1
NVD
added 2023/02/03 6:15 p.m., 7 views

CVE-2021-36503

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

9.8 CVSS, 9.8 AI score, 0.00478 EPSS
Exploits: 1, References: 1
Prion
added 2023/02/03 6:15 p.m., 18 views

Sql injection

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

7.5 CVSS, 9.7 AI score, 0.00478 EPSS
Exploits: 1, References: 1, Affected Software: 1
Openbugbounty
added 2023/02/03 4:10 p.m., 13 views

canal10.cat Cross Site Scripting vulnerability OBB-3178474

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
CNNVD
added 2023/02/03 12:0 a.m., 3 views

native-php-cms SQL injection vulnerability

native-php-cms is a website builder for FLi individual developers. A security vulnerability exists in version 1.0 of native-php-cms, which is caused by SQL injection and can be exploited by an attacker to run arbitrary SQL commands via the cat parameter in the /list.php file...

9.8 CVSS, 8.8 AI score, 0.00478 EPSS
Exploits: 1, References: 2
Cvelist
added 2023/02/03 12:0 a.m., 14 views

CVE-2021-36503

SQL injection vulnerability in native-php-cms 1.0 allows remote attackers to run arbitrary SQL commands via the cat parameter to /list.php file...

10 AI score, 0.00478 EPSS
Exploits: 1, References: 1
Fedora
added 2023/01/31 1:37 a.m., 19 views

[SECURITY] Fedora 36 Update: rust-bat-0.21.0-6.fc36

cat(1) clone with wings...

7.8 CVSS, 8 AI score, 0.00168 EPSS
Exploits: 0
Snyk
added 2023/01/29 3:29 p.m., 1 view

Malicious Package

Overview cat-notes is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8 CVSS, 7.1 AI score
Exploits: 0, References: 3
OpenVAS
added 2023/01/29 12:0 a.m., 10 views

Fedora: Security Advisory for rust-bat (FEDORA-2023-e3c8abd37e)

The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8 CVSS, 8.1 AI score, 0.00168 EPSS
Exploits: 0, References: 2