8 matches found
EUVD-2011-2085
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-6262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execut...
CVE-2016-2138
In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xssclean in class/KippoInput.class.php...
Liferay Portal and Liferay DXP allows arbitrary injection via the site name
Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration before 2.0.4 in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...
CVE-2022-27834
Use after free vulnerability in dspcontextunloadgraph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions...
Prototype Pollution
open-graph is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
bolsamania.com XSS vulnerability
Vulnerable URL: http://www.bolsamania.com?section=ajax=quotes/common/v1/graph&dato1;=GB0001383545:FTSE-100:I:232:50102046=LIN001=1=uk=FTSE+100time=60=confirm/openbugbounty/...
Cacti graph.php SQL Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools. The Cacti graph.php script fails to properly filter the localgraphid parameter, allowing remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...