14 matches found
EUVD-2023-50320
Malicious code in bioql PyPI...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46058
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grpdesc parameter of the admin/group.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46058
CVE-2023-46058 describes a Cross-Site Scripting (XSS) vulnerability in Geeklog-Core (geeklog v2.2.2). The issue resides in the public_html/admin/group.php component, where unsanitized input to the grp_desc parameter can be crafted to execute arbitrary code in the context of an affected site. Docu...
CVE-2023-46059
CVE-2023-46059: A Cross-Site Scripting (XSS) flaw in Geeklog-Core Geeklog v2.2.2 affects the admin/trackback.php component, specifically via the Ping parameter, enabling a remote attacker to execute arbitrary code through a crafted payload. The vulnerability is described across multiple sources a...
PT-2023-29815 · Unknown · Geeklog-Core
Name of the Vulnerable Software and Affected Versions: Geeklog-Core geeklog version 2.2.2 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the grp desc parameter of the "admin/group.php" component. This enables the attacker ...