3098 matches found
DEBIAN-CVE-2018-14912
cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
CVE-2018-14912
cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
Directory traversal
cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
CVE-2018-14912
cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
CVE-2018-14912
cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
cgit -- directory traversal vulnerability
Jann Horn reports: cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
cgit 1.2.1 - cgit_clone_objects() Directory Traversal
cgit 1.2.1 - cgitcloneobjects Directory Traversal There is a directory traversal vulnerability in cgitcloneobjects, reachable when the configuration flag enable-http-clone is set to 1 default: void cgitcloneobjectsvoid if !ctx.qry.path cgitprinterrorpage400, "Bad request", "Bad request"; return; ...
cgit < 1.2.1 - 'cgit_clone_objects()' Directory Traversal
There is a directory traversal vulnerability in cgitcloneobjects, reachable when the configuration flag enable-http-clone is set to 1 default: void cgitcloneobjectsvoid if !ctx.qry.path cgitprinterrorpage400, "Bad request", "Bad request"; return; if !strcmpctx.qry.path, "info/packs" printpackinfo...
clone-it.de XSS vulnerability
Open Bug Bounty ID: OBB-654224 Description| Value ---|--- Affected Website:| clone-it.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Instagram-Clone Script Cross-Site Scripting Vulnerability
Instagram is a photo sharing app.Instagram Clone is open source Instagram clone app for iOS, Android and Web. Provides customization features to integrate app ideas into the Instagram app. A cross-site scripting vulnerability exists in Instagram-Clone Script 2.0, which arises due to an input...
Instagram Clone Script 2.0 Cross Site Scripting
Exploit Title: Instagram-clone Script 2.0 - Cross-Site Scripting Date: 2018-07-10 Exploit Author: L0RD Vendor Homepage: https://github.com/yTakkar/Instagram-clone Version: 2.0 CVE: CVE-2018-13849 Tested on: Kali linux POC : Persistent Cross site scripting : vulnerable file : editrequests.php...
Instagram-Clone Script 2.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Instagram-clone Script 2.0 - Cross-Site Scripting Exploit Author: L0RD Vendor Homepage: https://github.com/yTakkar/Instagram-clone Version: 2.0 CVE: CVE-2018-13849 Tested on: Kali linux POC : Persistent Cross site scripting :...
Design/Logic Flaw
editrequests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on pregreplace...
CVE-2018-13849
editrequests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on pregreplace...
CVE-2018-13849
editrequests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on pregreplace...
CVE-2018-13849
CVE-2018-13849 affects the yTakkar Instagram-clone project, specifically edit_requests.php. The vulnerability is a Cross-Site Scripting (XSS) flaw caused by inadequate input sanitization using preg_replace, enabling onmouseover payloads. Public proofs of concept and exploits reference vulnerable ...
CVE-2018-13849
editrequests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on pregreplace...
git: arbitrary code execution when recursively cloning a malicious repository
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because...
git: arbitrary code execution when recursively cloning a malicious repository
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because...
CVE-2018-12329
Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows a local attacker to duplicate an authentication factor via cloning...