12 matches found
Exploit for CVE-2026-36226
CVE-2026-36226: Advantech WebAccess/SCADA Create New Project U...
CVE-2026-6598
A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function createproject/encryptauthsettings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument authsetting...
Langflow 安全漏洞
Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Versions of Langflow 1.8.3 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the functions createproject and...
MAL-2025-7733 Malicious code in @create-project-container/legacy (npm)
The package @create-project-container/legacy was found to contain malicious code...
Malicious code in @sky-team/create-project-modal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c63ed97fa2890cd36683d943cad94b27fa57e5a87b9b16fa38a55970163af5a1 The OpenSSF Package Analysis project identified '@sky-team/create-project-modal' @ 99.50.55 npm as malicious. It is considered malicious because...
MAL-2024-8841 Malicious code in @sky-team/create-project-modal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c63ed97fa2890cd36683d943cad94b27fa57e5a87b9b16fa38a55970163af5a1 The OpenSSF Package Analysis project identified '@sky-team/create-project-modal' @ 99.50.55 npm as malicious. It is considered malicious because...
easy-mock 1.6.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: easy-mock 1.6.0 - Remote Code Execution RCE Authenticated Date: 12/08/2021 Exploit Author: LionTree Vendor Homepage: https://github.com/easy-mock Software Link: https://github.com/easy-mock/easy-mock Version: 1.5.0-1.6.0 Tested on: windows 10node v8.17.0 import requests import json...
CVE-2020-23974
Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection in via Online chat, Social feed,Messagetitle-tag, Add new client all-tags...
Cross site scripting
Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection in via Online chat, Social feed,Messagetitle-tag, Add new client all-tags...
CVE-2020-23974
Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection in via Online chat, Social feed,Messagetitle-tag, Add new client all-tags...
CVE-2020-23974
CVE-2020-23974 affects Create-Project Manager 1.07. The issue is described as Multi Persistent Cross-site Scripting and HTML injection via UI surfaces such as Online chat, Social feed, Message(title-tag), and Add new client (all-tags). The provided documents do not specify the root cause details,...
Localize: XSS in Groups
Visit the following link after logging in: http://www.localize.io/pages/createproject/3D Add a new group with an XSS string as group name and you will see the XSS execting. String used: ? Thanks, Ben...