15 matches found
EUVD-2021-26302
Malware in sbrugna...
CVE-2024-45057
The CVE-2024-45057 entry describes a Reflected Cross-Site Scripting (XSS) vulnerability in i-Educar prior to v2.9. The issue arises from insufficient validation/sanitization of user-controlled input in the dynamic generation of HTML fields, specifically in the file intranet/include/clsCampos.inc....
Fedora: Security Advisory for rust-elfcat (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...
UBUNTU-CVE-2021-39946
Improper neutralization of user input in GitLab CE/EE versions 14.3 to 14.3.6, 14.4 to 14.4.4, and 14.5 to 14.5.2 allowed an attacker to exploit XSS by abusing the generation of the HTML code related to emojis...
PT-2022-11092 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 14.3 through 14.3.6; GitLab CE/EE versions 14.4 through 14.4.4; GitLab CE/EE versions 14.5 through 14.5.2. Description: The issue is related to the improper neutralization of user input, allowing an attacker to exploit XSS ...
Ruby: XSS in HTML generated by RDoc
Vulnerability description not provided...
Discuz! X3.1 backend arbitrary code execution can get a shell - vulnerability warning - the black bar safety net
I saw someone ask how to get a shell from the Discuz! X3.1 backend, so I downloaded it and took a look. Someone said before that HTML generation can be used to get a shell, but in the version I downloaded from the official website yesterday I found that the static file extensions are limited to htm/html. If the server does not have a parsing vulnerability...
[SECURITY] Fedora 16 Update: perl-CGI-3.52-203.fc16
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
[SECURITY] Fedora 18 Update: perl-CGI-3.51-10.fc18
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
Fedora Update for perl-CGI FEDORA-2011-0640
Check for the Version of perl-CGI. OpenVAS Vulnerability Test: Fedora Update for perl-CGI FEDORA-2011-0640. Authors: System Generated Check. Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 13 Update: perl-CGI-3.51-1.fc13
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
Inserted image filenames are not escaped properly as thumbnails
When you insert an image as a thumbnail into a wiki page, the generated HTML does not properly escape the filename...
Inserted image filenames are not escaped properly as thumbnails
When you insert an image as a thumbnail into a wiki page, the generated HTML does not properly escape the filename...
Debian DSA-1492-1 : wml - insecure temporary files
Frank Lichtenheld and Nico Golde discovered that WML, an off-line HTML generation toolkit, creates insecure temporary files in the eperl and ipp backends and in the wmg.cgi script, which could lead to a local denial of service by overwriting files.
DSA-1492-1 wml
Bulletin has no description...