14 matches found
CVE-2026-5392
Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7VerifySignedData...
EUVD-2024-55002
Malicious code in bioql PyPI...
CVE-2025-32035
DNN (DotNetNuke) prior to version 9.13.2 does not verify file contents during uploads; it only checks file extensions, allowing a malicious file renamed to a benign extension (e.g., executable renamed to .jpg) to be uploaded. The issue is addressed in version 9.13.2. The practical implication is ...
Arbitrary File Upload
Overview shopxo/shopxo is an e-commerce system. Affected versions of this package are vulnerable to Arbitrary File Upload due to improper checking of the file contents in ThemeDataService.php. An attacker can execute arbitrary code by uploading a malicious file. Remediation There is no fixed...
Store XSS via Upload Photos in album
Description The application does not check the file upload and content file extension. This results in an attacker being able to upload a malicious file that leads to XSS. Proof of Concept Video POC: https://drive.google.com/file/d/1QZSCvgrmdXaZb7xoD-eA0iLlL7vDPKYw/view?usp=sharing Payload...
Cross-site Scripting (XSS) - Stored in e107inc/e107
A Stored Cross-Site Scripting XSS using svg exists in e107 version 2.3.1 Date: 12/1/2022 Exploit Author: Trương Hữu Phúc Contact me: + Github: https://github.com/truonghuuphuc + Facebook: https://www.facebook.com/DdosFulzac.auz1/ + Email: [email protected] + Product: e107 + Version: 2.3.1...
Microsoft SharePoint Information Disclosure Vulnerability
An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server. An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes. The...
CVE-2018-16888
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...
Amazon Linux AMI : exim (ALAS-2017-932)
Use-after-free in receive_msg function via vectors involving BDAT commands: The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands. (CVE-2017-16943)...
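Discuz X1.5 Stored XSS in Personal Homepage
Brief description: Negligent content checking. Details: Go to another user's personal homepage and submit a message: imgjavascript:alert/sogili//img Proof of vulnerability: No image proof available. Large forums all have permission restrictions....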
Ubuntu 6.10 : linux-restricted-modules-2.6.17 vulnerability (USN-404-1)
Laurent Butti, Jerome Razniewski, and Julien Tinnes discovered that the MadWifi wireless driver did not correctly check packet contents when receiving scan replies. A remote attacker could send a specially crafted packet and execute arbitrary code with root privileges. Note that Tenable Network...
CVE-2005-0391
geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files...
CVE-2005-0391
geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files...
Possible vulnerabilities of ICQ files opened in IE or OE
Hello everybody, Sorry for my lingo, but I had to learn it in a huge pain. However, if you don't like or cannot understand it, try to learn Polish instead gotcha =o Maybe it's an old topic, but maybe not. While playing with ICQ I have found that the program registers for its own use files with .u...