15 matches found
EUVD-2023-0459
Malicious code in bioql PyPI...
CVE-2022-43720
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
BIT-SUPERSET-2022-43720 Apache Superset: Improper rendering of user input
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
GHSA-FPMR-QMGH-42X2 Apache Superset vulnerable to Injection
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
Apache Superset vulnerable to Injection
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
CVE-2022-43720
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
CVE-2022-43720
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
CVE-2022-43720 Apache Superset: Improper rendering of user input
An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a user deletes that specific CSS template record. This issue affects Apache Superset version 1.5.2 and prior versions an...
CVE-2022-43720
CVE-2022-43720 affects Apache Superset (notified in multiple sources). An authenticated attacker with write permissions on CSS templates can create a record containing specific HTML tags that are not properly escaped by the toast message shown when deleting that CSS template, enabling HTML/Script...
Gravity Board X 1.1 CSS Template Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An...
Cherry enterprise website management system v1. 0 Upload vulnerability-vulnerability warning-the black bar safety net
Cherry enterprise website management system full DIV+CSS template, multi-browser adapt perfectly compatible with IE6-IE8,Firefox, Google, etc. standards-compliant browser, the template styles centralized in a CSS style, content and style completely separated convenient website designers to develo...
DVBBS php v2.0 boardrule.php注入漏洞
PHP2.0++功能介绍: 一、 断点数据库备份,保持所备份的数据和论坛数据同步; 二、 多种形式Url rewrite 伪静态,提高SEO; 三、 多线程信息采集,减少人工操作繁琐度; 四、 自动升级采用多线程断点续传PHP下载模块; 五、 国际论坛界中独创了一个文件安装论坛; 六、 创新、贴心的新发贴回贴模式正在启用---动网PHP2.0++再创佳绩; 七、 发挥PHP优点,大量采用成熟的缓存机制 八、 全优的后台搜索功能; 九、 用户体验 boardrule.php存在sql注入漏洞。 DVBBS php v2.0 暂无 http://p.dvbbs.net/...
Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Gravity Board X v1.1 possibly prior versions remote code execution exploit coded by 1dt.w0lf 14.08.2005 RST/GHC http://rst.void.ru http://ghc.ru use LWP::UserAgent; if@ARGV1 exit0; $path = $ARGV0; header; print "Creating shell... Please wait\n"; $...
Gravity Board X 1.1 - CSS Template Unauthorized Access
Gravity Board X 1.1 - CSS Template Unauthorized Access source: https://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to...
Gravity Board X 1.1 - CSS Template Unauthorized Access
source: https://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An attacker can exploit this...