5 matches found
Nextcloud: Database error shown to the user when using a long guest name in richdocuments
When sharing a file to a guest and the file is allowed for editing, the user is asked to enter a guest name. If you enter a really long value for that name, you get a database error that displays sensitive information: An exception occurred while executing 'INSERT INTO...
CVE-2020-13869
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest name...
Cross site scripting
An issue was discovered in the Comments plugin before 1.5.6 for Craft CMS. There is stored XSS via a guest name...
CVE-2020-13869
The CVE-2020-13869 issue affects the Craft CMS Comments plugin prior to version 1.5.6. It enables stored XSS via the guest name field, due to insufficient input sanitization (as corroborated by multiple sources). Impact: an attacker-supplied guest name can inject scripts that run in a user’s browser....
mySeatXT 0.2134 - SQL Injection
No description provided by source.
+ Exploit: mySeatXT 0.2134
+ Author: vinicius777
+ Contact: vinicius777 AT gmail @vinicius777
+ Vendor Homepage: http://sourceforge.net/projects/myseat
1 Sql Injection PoC: http://localhost/mySeatXT/web/ajax/autocompleteres.php?term=99' 'SQL INJECT'
Vulnerable...