Whoogle Search Cross-site Scripting via string parameter

The package whoogle-search before version 0.7.2 is vulnerable to Cross-site Scripting XSS via the query string parameter q. In the case where it does not contain the http string, it is used to build the errormessage that is then rendered in the error.html template, using the flask.rendertemplate...

PYSEC-2022-226

The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting XSS via the query string parameter q. In the case where it does not contain the http string, it is used to build the errormessage that is then rendered in the error.html template, using the flask.rendertemplate functio...

CVE-2022-25303

The package whoogle-search before 0.7.2 are vulnerable to Cross-site Scripting XSS via the query string parameter q. In the case where it does not contain the http string, it is used to build the errormessage that is then rendered in the error.html template, using the flask.rendertemplate functio...

CVE-2011-3749

ka-Map 1.0-20070205 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test.php and certain other files...

phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability

No description provided by source. phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform"; ... if...