451 matches found
Cross site scripting
A reflected Cross-Site Scripting XSS vulnerability in FUEL CMS 1.5.2allows attackers to run arbitrary code via crafted string after the groupid parameter...
CVE-2024-25369
A reflected Cross-Site Scripting XSS vulnerability in FUEL CMS 1.5.2allows attackers to run arbitrary code via crafted string after the groupid parameter...
Craft CMS Feed-Me
An issue discovered in Craft CMS version 4.6.1.1 allows remote attackers to cause a denial of service DoS via crafted string to Feed-Me Name and Feed-Me URL fields due to saving a feed using an Asset element type with no volume selected...
GHSA-6P78-F7H9-6838 Craft CMS Feed-Me
An issue discovered in Craft CMS version 4.6.1.1 allows remote attackers to cause a denial of service DoS via crafted string to Feed-Me Name and Feed-Me URL fields due to saving a feed using an Asset element type with no volume selected...
CVE-2023-36260
CVE-2023-36260 affects the Feed Me plugin (version 4.6.1) on Craft CMS (version 4.6.1). The issue allows remote attackers to cause a Denial of Service by supplying crafted strings to the Feed-Me Name and Feed-Me URL fields when saving a feed via an Asset element with no volume selected. The root ...
CVE-2023-51890
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CPU resources via crafted string in the application URL...
CVE-2023-51888
Buffer Overflow vulnerability in the nomath function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL...
Design/Logic Flaw
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CPU resources via crafted string in the application URL...
CVE-2023-51888
Buffer Overflow vulnerability in the nomath function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL...
Buffer overflow
Buffer Overflow vulnerability in the nomath function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL...
UBUNTU-CVE-2023-51890
An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CPU resources via crafted string in the application URL...
CVE-2023-51887
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL...
CVE-2023-51889
Stack Overflow vulnerability in the validate function in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in the application URL...
CVE-2023-51887
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL...
CVE-2023-51888
Buffer Overflow vulnerability in the nomath function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL...
CVE-2023-51889
Stack Overflow vulnerability in the validate function in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in the application URL...
CVE-2023-24046
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...
Design/Logic Flaw
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...
CVE-2023-24046
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility...
CVE-2023-40703
Mattermost fails to properly limit the characters allowed in different fields of a block in Mattermost Boards allowing a attacker to consume excessive resources, possibly leading to Denial of Service, by patching the field of a block using a specially crafted string...