991 matches found
Cross site scripting
A vulnerability has been found in csliuwy coder-chain_gdut and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /back/index.php/user/User/?1. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2022-4341
CVE-2022-4341 affects the csliuwy coder-chain_gdut project. The vulnerability is a cross-site scripting (XSS) in an unknown functionality of /back/index.php/user/User/?1, caused by manipulation of that function. It can be exploited remotely and the exploit has been disclosed publicly (VDB-215095)...
coder-chain_gdut cross-site scripting vulnerability
coder-chain_gdut is a binary image segmentation method based on lossless compression by the individual developer Wenyin Liu csliuwy. A security vulnerability exists in coder-chain_gdut, which originates from an unknown function in file /back/index.php/user/User/?1, which is manipulated to cause...
PT-2022-26894 · Unknown · Csliuwy Coder-Chain Gdut
Name of the Vulnerable Software and Affected Versions: csliuwy coder-chain gdut (affected versions not specified). Description: A vulnerability has been found in csliuwy coder-chain gdut, classified as problematic. It affects an unknown functionality of the file "/back/index.php/user/User/?1". The...
CVE-2022-2388
The WP Coder WordPress plugin before 2.5.3 does not have a CSRF check in place when deleting code created by the plugin, which could allow attackers to make a logged-in admin delete arbitrary ones via a CSRF attack...
CVE-2022-2388
The CVE-2022-2388 vulnerability affects the WP Coder WordPress plugin prior to version 2.5.3. The issue is a CSRF omission when deleting code created by the plugin, allowing an authenticated admin to delete arbitrary code via CSRF. Impact stated as I:H with no confidentiality impact and no availa...
WP Coder < 2.5.3 - Code Deletion via CSRF
The plugin does not have a CSRF check in place when deleting code created by the plugin, which could allow attackers to make a logged-in admin delete arbitrary ones via a CSRF attack: https://example.com/wp-admin/admin.php?page=wp-coder&info=del&did=1...
WordPress WP Coder plugin <= 2.5.2 - Code Deletion via Cross-Site Request Forgery (CSRF) vulnerability
Code Deletion via Cross-Site Request Forgery (CSRF) vulnerability discovered by Krzysztof Zając in WordPress WP Coder plugin (versions <= 2.5.2). Solution: Update the WordPress WP Coder plugin to the latest available version (at least 2.5.3)...
WP Coder < 2.5.3 - Code Deletion via CSRF
The plugin does not have a CSRF check in place when deleting code created by the plugin, which could allow attackers to make a logged-in admin delete arbitrary ones via a CSRF attack. PoC: https://example.com/wp-admin/admin.php?page=wp-coder&info=del&did=1...
GHSA-9C9F-7X9P-4WQP A malicious coder can get unsound access to TCell or TLCell memory
This is impossible to do by accident, but by carefully constructing marker types to be covariant, a malicious coder can cheat the singleton check in TCellOwner and TLCellOwner, giving unsound access to cell memory. This could take the form of getting two mutable references to the same memory, or ...
A malicious coder can get unsound access to TCell or TLCell memory
This is impossible to do by accident, but by carefully constructing marker types to be covariant, a malicious coder can cheat the singleton check in TCellOwner and TLCellOwner, giving unsound access to cell memory. This could take the form of getting two mutable references to the same memory, or ...
DEBIAN-CVE-2022-32545
A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c when crafted or untrusted input is processed. This leads to a negative impact on application availability or other problems related to undefined behavior...
UBUNTU-CVE-2022-32546
A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned long' at coders/pcl.c when crafted or untrusted input is processed. This leads to a negative impact on application availability or other problems related to undefined behavior...
Imagemagick Studio ImageMagick input validation error vulnerability
Imagemagick Studio ImageMagick is a suite of open-source image processing software from the American company Imagemagick Studio. The software can read, convert, or write images in a variety of formats. A security vulnerability exists in Imagemagick Studio ImageMagick that originates when handling...
CVE-2021-42648
A cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0 that allows attackers to execute arbitrary code via a crafted URL...
CVE-2021-42648
A cross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0 that allows attackers to execute arbitrary code via a crafted URL...
CVE-2021-42648
Coder Code-Server is affected by a Cross-Site Scripting (XSS) vulnerability in versions before 3.12.0, exploitable via crafted URLs. Affected component: code-server frontend handling error messages; root cause: insufficient escaping of user-supplied input in error handling. Impact: arbitrary code...
Ubuntu 16.04 ESM : ImageMagick vulnerabilities (USN-5335-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5335-1 advisory. It was discovered that ImageMagick incorrectly handled certain values when processing XPM image data or large images. If a user or automated system using...
OESA-2022-1579 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
RUSTSEC-2022-0007 A malicious coder can get unsound access to TCell or TLCell memory
This is impossible to do by accident, but by carefully constructing marker types to be covariant, a malicious coder can cheat the singleton check in TCellOwner and TLCellOwner, giving unsound access to cell memory. This could take the form of getting two mutable references to the same memory, or ...