15 matches found
CVE-2026-53435
CVE-2026-53435 affects Jenkins 2.567 and earlier, including LTS 2.555.2 and earlier. The root cause is unsafe deserialization due to a deserialization sink that bypasses a ClassFilter, allowing an attacker who can POST a config.xml to deserialize arbitrary core/plugin types and reach them via HTT...
EUVD-2021-12188
Malware in sbrugna...
EUVD-2007-0562
Malware in sbrugna...
mblog 安全漏洞
mblog is a blogging system by langhsu individual developer. A security vulnerability exists in mblog 3.5.0 and earlier versions, which originates from a cross-site scripting attack due to incorrect manipulation of the content/title parameter in file/post/submit...
CVE-2021-25277
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component...
Code injection
This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on the application. This can be exploited further depending on the context...
CVE-2021-25277
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component...
Session fixation
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component...
CVE-2021-25277
FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative text hover box in the file submission component...
CVE-2021-25277
CVE-2021-25277 affects FTAPI versions 4.0–4.10. The issue is a cross-site scripting (XSS) vulnerability triggered by a crafted filename that is processed in the file submission component’s alternative text hover box. The root cause is improper handling of filename input in the hover text renderin...
FTAPI 跨站脚本漏洞
A cross-site scripting vulnerability exists in FTAPI 4.0 - 4.10, which allows the passage of a crafted filename to an alternate text hover box in the file submission component...
Web Shell Detector - PHP Script That Helps You Find And Identify PHP / CGI (Perl) / ASP / ASPX Shells
Web Shell Detector is a php script that helps you find and identify php/cgiperl/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest javascript and css technologies, web shell detector has a light weight and...
Session fixation
Cisco Intelligent Automation for Cloud aka Cisco Cloud Portal does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410...
For iis write permissions of use-vulnerability warning-the black bar safety net
We may have seen the remote analysis of IIS settings, which iis a variety of settings for the analysis, I here for iis write permissions to the analysis, the following reference to the remote analysis of IIS Settings article for iis write permissions to the analysis of the content: Write...
Multiple Symantec Web Security vulnerabilities
CPU exhaustion on large file submission. Crossite scripting...