15 matches found
CVE-2021-31651
Cross Site Scripting XSS vulnerability in neofarg-cms 0.2.3 allows remoate attacker to run arbitrary code via the copyright field in copyright settings...
EUVD-2021-18538
Malware in sbrugna...
EUVD-2021-29901
Malicious code in bioql PyPI...
CVE-2021-31651
Cross Site Scripting XSS vulnerability in neofarg-cms 0.2.3 allows remoate attacker to run arbitrary code via the copyright field in copyright settings...
CVE-2021-31651
CVE-2021-31651 affects neofarg-cms 0.2.3 with a Cross Site Scripting (XSS) vulnerability in the copyright field of copyright settings. The root cause is improper handling of the copyright field that allows a remote attacker to run arbitrary code. CVSS 3.1 base score 4.8 (Medium) with Network atta...
CVE-2021-36545
Cross Site Scripting XSS vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfgcopyright or cfgtel field in Site Configuration page...
TPCMS 跨站脚本漏洞
TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. A cross-site scripting vulnerability exists in TPCMS version 3.2. A remote attacker can exploit this vulnerability to run arbitrary code via the cfgcopyright or cfgtel fields in t...
CVE-2021-42946
A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...
CVE-2021-42946
A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...
Cross site scripting
A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...
CVE-2021-42946
A Cross Site Scripting XSS vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page...
HTMLy 跨站脚本漏洞
HTMLy is a PHP-based open source blogging platform. A security vulnerability exists in HTMLy 2.8.1 that could lead to cross-site scripting via the copyright field in the /admin/config page...
CVE-2008-1964
Stack-based buffer overflow in the demuxnsfsendheaders function in src/demuxers/demuxnsf.c in xine-lib allows remote attackers to have an unknown impact via a long copyright field in an NSF header in an NES Sound file, a different issue than CVE-2008-1878. NOTE: a third party claims that the...
xine-lib NES声音格式解码器copyright字段栈溢出漏洞
BUGTRAQ ID: 28908 xine是一款免费的媒体播放器,支持多种格式。 xine播放器的demuxnfs.c文件中没有正确地验证媒体文件中的copyright字段: line 111: this-copyright = strdup&header0x4E; line 189: char copyright100; line 208: sprintfcopyright, "C %s", this-copyright; 如果用户受骗打开了带有超长copyright字段的媒体文件的话,就可能触发栈溢出,导致执行任意指令。 xine-lib 1.1.12 xine ----...
PT-2008-3486 · Xine · Xine-Lib
Name of the Vulnerable Software and Affected Versions: xine-lib affected versions not specified Description: The issue is related to a stack-based buffer overflow in the demux nsf send headers function, located in src/demuxers/demux nsf.c. This overflow can be triggered by a long copyright field ...