10 matches found
EUVD-2026-11534
A security flaw has been discovered in CesiumGS CesiumJS up to 1.137.0. Affected by this issue is some unknown functionality of the file Apps/Sandcastle/standalone.html. The manipulation of the argument c results in cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2023-48094
A cross-site scripting (XSS) vulnerability in CesiumJS v1.111 allows attackers to execute arbitrary code in the context of the victim's browser via sending a crafted payload to /containerfiles/publichtml/doc/index.html. NOTE: the vendor’s position is that Apps/Sandcastle/standalone.html is part of...
Upload vulnerability science[2]-js validation-vulnerability warning-the black bar safety net
On the file upload vulnerability, presumably to play the web safety of the students comes in contact with, before the station also published an article to introduce file upload vulnerabilities of the various bypass methods, but just have the document but there is no demo code, recently gave the...
jQuery 2.3.5 Cross Site Scripting Vulnerability
Exploit for unknown platform in category web applications. jQuery 2.3.5 Cross Site Scripting Vulnerability. ADVISORY: jQuery Validate 1.6.0 Demo Code...
jQuery Validate 1.6.0 Cross Site Scripting
ADVISORY: jQuery Validate 1.6.0 Demo Code. AFFECTED PACKAGES: jQuery Validate 1.6.0, SilverStripe 2.3.X to 2.3.5. Discovered By: CodeScan.com. Vendor's Website:...
Insufficient User Input Validation in VP-ASP 6.50 Demo Code
CodeScan Advisory, codescan.com [email protected]. Insufficient User Input Validation in VP-ASP 6.50 Demo Code. Vendor Website: http://www.vpasp.com/. Affected Version: VP-ASP Shopping Cart 6.50 Demo Cod...
To modify log file properties protect yourself will not be the administrator found-vulnerability warning-the black bar safety net
The log file location is actually stored in the registry,as long as we modify its attributes to mask their intrusion traces, Here only modify the default location,the log size of the property,such as log size 0 0 0 0 0 0 0 1,so that it can not be normal recording, So if you can perfect guarantee...
MySQL secondary vulnerability of simple prevention-vulnerability warning-the black bar safety net
This article looks at what causes secondary vulnerabilities in simple PHP/MySQL operations, and at ways to prevent them. A. Asking the question: As is known, for some special characters such as the single quote “'”, the backslash “\” and other metacharacters, database operations have a strict...
Symantec the presence of a remote execution vulnerability 0day-vulnerability warning-the black bar safety net
milw0rm to this morning published a Symantec remote execution vulnerability EXP DEMO code, a hacker can simply modify the Code of the SHELLCODE, and then after ALPHA2 coding can be constructed in a download virus web Trojan. It has yet to intercept to exploit the vulnerability of the net horse...
ISC BIND 8.2.x - TSIG Remote Stack Overflow (4)
ISC BIND 8.2.x - TSIG Remote Stack Overflow 4 / This exploit has been fixed and extensive explanation and clarification added. Cleanup done by: Ian Goldberg Jonathan Wilkins NOTE: the default installation of RedHat 6.2 seems to not be affected due to the compiler options. If BIND is built from...