18 matches found
CLSA-2026-1778670864 php: Fix of CVE-2026-6735
CVE-2026-6735: HTML-encode proc.requesturi and tighten querystring entity flags in sapi/fpm/fpm/fpmstatus.c to fix XSS in PHP-FPM status endpoint...
XSS to LFI in Runcode Feature
Description By default runcode sanitized document prefix but if html encode to...
Stored Cross Site Scripting
Vulnerability Type Stored Cross Site-Scripting XSS Affected URL https://localhost/openemr-6.0.0/interface/new/newcomprehensivesave.php Affected Parameters “formfname” “formlname” Authentication Required? Yes Issue Summary A stored XSS vulnerability found in “/interface/new/newcomprehensivesave.ph...
Reflected Cross Site Scripting
Vulnerability Type Reflected Cross Site-Scripting XSS Affected URL https://localhost/openemr-6.0.0/interface/main/calendar/index.php Affected Parameters “newname” Authentication Required? Yes Issue Summary A reflected XSS vulnerability found in “/interface/main/calendar/index.php” that allows Adm...
Stored Cross Site Scripting
Vulnerability Type Stored Cross Site-Scripting XSS Affected URL https://localhost/openemr-6.0.0/ /controller.php?practicesettings&documentcategory&action=addnode&parentid=XX Affected Parameter “name” Method POST Authentication Required? Yes Issue Summary A stored XSS vulnerability found in ”...
CVE-2021-3694
LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...
Information disclosure
LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...
[ASA-202102-29] keycloak: cross-site scripting
Arch Linux Security Advisory ASA-202102-29 ========================================== Severity: High Date : 2021-02-20 CVE-ID : CVE-2021-20195 Package : keycloak Type : cross-site scripting Remote : Yes Link : https://security.archlinux.org/AVG-1578 Summary ======= The package keycloak before...
LibreOffice < 6.2.6 Macro - Python Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Python Code Execution', 'Description' = %q LibreOffice comes bundled with sample macros written in Python and allows the abilit...
Kentico CMS 11 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Kentico CMS version 9 through 11 - Cross-Site Scripting Reflect Software Link: https://www.kentico.com Exploit Author: Keerati T. CVE: CVE-2018-7205 Category: webapps 1. Description Kentico is the only fully integrated ASP.NET...
Kentico CMS 11 Cross Site Scripting
Exploit Title: Kentico CMS version 9 through 11 - Cross-Site Scripting Reflect Date: 18-02-2018 Software Link: https://www.kentico.com Exploit Author: Keerati T. CVE: CVE-2018-7205 Category: webapps 1. Description Kentico is the only fully integrated ASP.NET CMS, E-commerce, and Online Marketing...
Infogram: Stored XSS in content when Graph is created via API
Summary It is possible for an attacker to insert javascript code into Graphs by creating a project via the API Steps to reproduce Login Go to API Settings Copy your Key + Secret Go to API Documentation Download one of the official libraries I chose JAVA In the "main" method add the Key + Secret y...
typo3 -- Multiple vulnerabilities in TYPO3 Core
Typo Security Team reports: It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize leading to Arbitrary Code Execution. TYPO3 Backend Help System - Due to a missing signature HMAC for a parameter in the viewhelp.php file, an...
Persistent xss flaw in the revision history (of comments).
Whilst a comment is html encoded/sanitized when displayed within an answer to a question the revision history page for an edited comment does not sanitize or html encode the content of the current and previous comments. Therefore an attacker can exploit this issue to craft a persistent xss attac...
Debian DSA-2445-1 : typo3-src - several vulnerabilities
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework : - CVE-2012-1606 Failing to properly HTML-encode user input in several places, the TYPO3 backend is susceptible to Cross-Site Scripting. A valid backend user is required to exploit these...
The i18n in velocity templates does not auto html encode parameters
All the getText methods on com.atlassian.confluence.util.i18n.DefaultI18NBean are annotated as HtmlSafe which means that any parameter which gets passed in as an argument will not be auto html encoded by the Anti-XSS module. The most straightforward way to fix this is to wrap the parameter insid...
orkutfun-xss.txt
Greetings! Doing hard searches and working hard seeking for xss holes we finally found! The new hole is in the description of the pic, you can put html encode chars like this. & l t ; meta http-equiv="refresh" content="0;url=http://suafakeaqui" & g t ; means more or close tag. So you can build...
[Full-disclosure] 0day Orkut XSS [ NEW! ]
Greetings! Doing hard searches and working hard seeking for xss holes we finally found! The new hole is in the description of the pic, you can put html encode chars like this. & l t ; meta http-equiv="refresh" content="0;url=http://suafakeaqui" & g t ; means minus or open tag. means more or close...