ps459

Multi-Firmware PS4 WebKit & Kernel Exploit Chain An exploit c...

CVE-2019-10666

An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include function on user supplied input without sanitizing the values by calling basename or a similar function. An attacker can leverage this to execute PHP code from the included...

CVE-2022-48192

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script JavaScript, VBScript in the context of the application...

GHSA-GPRJ-6M2F-J9HX DOM clobbering could escalate to Cross-site Scripting (XSS)

Pagefind initializes its dynamic JavaScript and WebAssembly files relative to the location of the first script you load. This information is gathered by looking up the value of document.currentScript.src. It is possible to "clobber" this lookup with otherwise benign HTML on the page, for example:...

Zyxel多款产品 跨站脚本漏洞

Zyxel USG20W-VPN and others are products of China Hopkins Zyxel.Zyxel USG20W-VPN is a firewall appliance for use in corporate environments.Zyxel ATP series firmware is a series of firewall firmware.Zyxel USG FLEX series firmware is a series of Zyxel USG FLEX series firmware is a series of securit...

PT-2024-6024 · Zyxel · Zyxel Usg Flex Series +3

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series firmware versions from V4.32 through V5.38 Zyxel USG FLEX series firmware versions from V4.50 through V5.38 Zyxel USG FLEX 50W series firmware versions from V4.16 through V5.38 Zyxel USG20W-VPN series firmware versions from...

CVE-2022-48192

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script JavaScript, VBScript in the context of the application...

Cross site scripting

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script JavaScript, VBScript in the context of the application...

CVE-2022-48192 Cross-site scripting vulnerability in Softing smartLink SW-HT

Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script JavaScript, VBScript in the context of the application...

pocsuite3

This is a Python package called pocsuite3 that provides a framework for remote vulnerability testing and proof-of-concept development. It is designed to be used by penetration testers and security researchers. The package has a powerful proof-of-concept engine and comes with many features,...

CVE-2019-10666

An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include function on user supplied input without sanitizing the values by calling basename or a similar function. An attacker can leverage this to execute PHP code from the included...

CVE-2019-10666

An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include function on user supplied input without sanitizing the values by calling basename or a similar function. An attacker can leverage this to execute PHP code from the included...

CVE-2019-10666

An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include function on user supplied input without sanitizing the values by calling basename or a similar function. An attacker can leverage this to execute PHP code from the included...

Web Security Dog (IIS Edition) V4.0.18081 Exists Upload Bypass Vulnerability

Website Security Dog IIS Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features for comprehensive website security. An upload bypass vulnerability exists in Web Security Dog IIS Edition V4.0.18081. An...

Byte CMS Cross Site Scripting

Exploit Title: Byte CMS Cross Site Scripting Vulnerabilities Date: 02/03/2014 Exploit Author: projectzero labs Projectzero ID: projectzero2014-003-bytecmsxss Vendor Homepage: http://www.bitsnbytes.gr Software Link: N/A - Commercial Tested on: Kali Linux / Iceweasel v.22 & Mac OS X 10.8.5 / Firefo...

PHP FastCGI remote exploit-vulnerability warning-the black bar safety net

Speaking of FastCGI, we all know this is currently the most common webserver dynamic script execution model. Currently, substantially all of the web scripts are the basic support of this model, and even some type of script this is the only mode ROR, Python, etc. FastCGI's main aim is, the webserv...

Code injection

Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform "server-side execution of application logic" by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files...

CVE-2008-6542

Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform "server-side execution of application logic" by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files...

MDKA-2006:014 : dynamic

Dynamic was not calling scripts correctly when hardware was plugged/unplugged. Plugging a digital camera not usb mass storage, like a Canon camera was not creating an icon on Desktop for GNOME or in the Devices window for KDE. Dynamic was also creating a 'pilot' symlink in / in addition to...