26 matches found
SUSE CVE-2026-32751
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree MobileFiles.ts renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version Files.ts properly uses escapeHtml for the same...
CVE-2026-32751
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree MobileFiles.ts renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version Files.ts properly uses escapeHtml for the same...
CVE-2026-32751
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree MobileFiles.ts renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version Files.ts properly uses escapeHtml for the same...
SiYuan Cross-Site Scripting Vulnerability
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan 3.6.0 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the mobile-side file tree’s failure to escape HTML when handling rename events, which could allow...
CVE-2017-1000234
I, Librarian version =4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter...
SUSE CVE-2023-2664
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
CVE-2023-2664
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
CVE-2023-2664
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
UBUNTU-CVE-2023-2664
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
CVE-2023-2664 Stack overflow in Xpdf 4.04 due to object loop in PDF embedded file tree
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
CVE-2023-2664
In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...
PT-2023-20765 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf versions 4.04 and earlier Description: The issue is caused by a PDF object loop in the embedded file tree, leading to infinite recursion and a stack overflow. Recommendations: For versions 4.04 and earlier, update to a version later than...
GHSA-V965-WWRQ-GXFG Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp
Cross-site scripting (XSS) vulnerability in the file tree navigation function in system/workplace/views/explorer/tree_files.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter...
Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp
Cross-site scripting (XSS) vulnerability in the file tree navigation function in system/workplace/views/explorer/tree_files.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter...
Dive - A Tool For Exploring Each Layer In A Docker Image
A tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image. To analyze a Docker image simply run dive with an image tag/id/digest: dive or if you want to build your image then jump straight into analyzing it: dive build -t . Building on...
Markdown-Explorer 0.1.1 Cross Site Scripting / Code Execution
Exploit Title: Markdown-Explorer 0.1.1 XSS to RCE Exploit Author: TaurusOmar Twitter:@TaurusOmar HomePage:taurusomar.com Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jersou/markdown-explorer Version: 0.1.1 Tested on: Windows,...
jQuery File Tree Directory Traversal (CVE-2017-1000170)
A directory traversal vulnerability exists in jQuery File Tree. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal
Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Date: 19/03/2021 Exploit Author: Nicholas Ferreira Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads Version: =1.6.6 Tested on: Debian 11 CVE : CVE-2017-1000170 PHP version exploit: 7.3....
WordPress Delightful Downloads Jquery File Tree 1.6.6 Plugin - Path Traversal Exploit
Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Exploit Author: Nicholas Ferreira Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads Version: =1.6.6 Tested on: Debian 11 CVE : CVE-2017-1000170 PHP version exploit: 7.3.27 POC: curl --da...
Taxonomy File Tree - Moderately critical - Access bypass - SA-CONTRIB-2018-061
Taxonomy File Tree allows site managers to create file trees. For files managed as Drupal files, the module does not properly check that a user has access to a file before letting the user download the file. This vulnerability only affects sites that use private files...