14 matches found
EUVD-2006-2391
Malware in sbrugna...
ProcessWire Cross Site Request Forgery vulnerability
Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...
GHSA-R9VW-CJF9-XH4X ProcessWire Cross Site Request Forgery vulnerability
Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...
CVE-2024-41597
Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...
CVE-2024-41597
Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...
CVE-2024-41597
Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...
Authorization
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's conten...
PYSEC-2018-116
Cross-site scripting XSS vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/newreport.kp URI...
CVE-2018-12104
Cross-site scripting XSS vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/newreport.kp URI...
CVE-2018-12104
Cross-site scripting XSS vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/newreport.kp URI...
CVE-2018-12104
Cross-site scripting XSS vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/newreport.kp URI...
CVE-2006-2390
Cross-site scripting XSS vulnerability in OZJournals 1.2 allows remote attackers to inject arbitrary web script or HTML via the vname parameter in the comments functionality...
Cross site scripting
Cross-site scripting XSS vulnerability in OZJournals 1.2 allows remote attackers to inject arbitrary web script or HTML via the vname parameter in the comments functionality...
CVE-2006-2390
The set of connected documents confirms a cross-site scripting (XSS) vulnerability in OZJournals 1.2, exploitable via the vname parameter in the comments functionality. The CVSSv2 base score is 5.8 (Medium), with network access required and no user interaction needed, and impact described as part...