Lucene search
K

165 matches found

Huntr
Huntr
added 2022/07/04 7:11 p.m.65 views

Mutation Stored XSS at homepage

Description bookwyrm HTML input sanitizer is vulnerable to Mutation XSS. The payload could be stored and displayed on the homepage of the website path /feed or /discovery making it widely affects all users and the main website. Proof of Concept Edit a book description: // PoC Access to the /feed...

4.3CVSS6.3AI score0.00493EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/05/24 5:40 p.m.35 views

Zen Cart vulnerable to authenticated remote code execution

Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element within the modules edit page and inserting a command...

9CVSS7.6AI score0.16782EPSS
Exploits4References5Affected Software1
OSV
OSV
added 2022/05/24 5:40 p.m.24 views

GHSA-38F9-4VHQ-9CR8 Zen Cart vulnerable to authenticated remote code execution

Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element within the modules edit page and inserting a command...

7.2CVSS7.2AI score0.16782EPSS
Exploits4References5
OSV
OSV
added 2022/05/13 1:13 a.m.22 views

GHSA-3GM8-32VV-Q8MP Moodle Cross-site Scripting vulnerability in the KSES text cleaning filter

The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting XSS attacks via HTML input...

4CVSS4.9AI score0.02226EPSS
Exploits0References19
Veracode
Veracode
added 2022/04/04 7:50 a.m.35 views

Remote Code Execution (RCE)

Dompdf is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the font type via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...

9.8CVSS1.5AI score0.82438EPSS
Exploits8References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/03 3:15 a.m.3 views

CVE-2022-28368

Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...

9.8CVSS6.4AI score0.82438EPSS
Exploits8References9
NVD
NVD
added 2022/04/03 3:15 a.m.19 views

CVE-2022-28368

Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...

9.8CVSS0.82438EPSS
Exploits8References7
OSV
OSV
added 2022/04/03 3:15 a.m.19 views

CVE-2022-28368

Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...

9.8CVSS9.6AI score
Exploits0References7
Prion
Prion
added 2022/04/03 3:15 a.m.23 views

Input validation

Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...

7.5CVSS9.5AI score0.82438EPSS
Exploits8References7Affected Software1
Debian CVE
Debian CVE
added 2022/04/03 12:0 a.m.56 views

CVE-2022-28368

Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...

9.8CVSS9.7AI score0.82438EPSS
Exploits8
NVD
NVD
added 2021/12/08 10:15 p.m.21 views

CVE-2021-38504

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

8.8CVSS0.01586EPSS
Exploits0References10
Prion
Prion
added 2021/12/08 10:15 p.m.22 views

Design/Logic Flaw

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

6.8CVSS8.8AI score0.01586EPSS
Exploits0References10Affected Software4
Cvelist
Cvelist
added 2021/12/08 9:21 p.m.29 views

CVE-2021-38504

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

9.2AI score0.01586EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2021/12/08 9:21 p.m.48 views

CVE-2021-38504

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

8.8CVSS9.3AI score0.01586EPSS
Exploits0
CVE
CVE
added 2021/12/08 9:21 p.m.303 views

CVE-2021-38504

The CVE-2021-38504 issue is a real vulnerability affecting Firefox < 94, Thunderbird < 91.3, and Firefox ESR

8.8CVSS9AI score0.01586EPSS
Exploits0References10Affected Software3
Debian CVE
Debian CVE
added 2021/12/08 9:21 p.m.47 views

CVE-2021-38504

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

8.8CVSS9.9AI score0.01586EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/20 12:0 a.m.253 views

openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:3745-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3745-1 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing...

10CVSS7.7AI score0.0383EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2021/11/10 10:37 a.m.4 views

Mozilla: Use-after-free in file picker dialog

The Mozilla Foundation Security Advisory describes this flaw as: When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash...

8.8CVSS7.3AI score0.01586EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 5:49 p.m.4 views

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing \ elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

6.9CVSS6.6AI score0.8383EPSS
Exploits6References6
RedhatCVE
RedhatCVE
added 2021/11/03 1:9 a.m.38 views

CVE-2021-38504

The Mozilla Foundation Security Advisory describes this flaw as: When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash...

8.8CVSS9.3AI score0.01586EPSS
Exploits0References3
Rows per page
Query Builder