5 matches found
EUVD-2021-29925
Malicious code in bioql PyPI...
InPost Gallery <= 2.1.4.1 - Reflected XSS
The plugin does not sanitise and escape the imgurl parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open...
imgurl sql injection vulnerability
imgurl is a graphical bed application developed using PHP SQLite 3. imgurl version v2.3.1 is vulnerable to SQL injection. The vulnerability originates in /upload/localhost, where the ip is spliced directly into the sql statement, and can be exploited by attackers to cause SQL injection attacks...
imgurl SQL注入漏洞
imgurl is a graphical bed application developed using PHP SQLite 3. imgurl version v2.3.1 is vulnerable to SQL injection. The vulnerability originates in /upload/localhost, where the ip is spliced directly into the sql statement, and can be exploited by attackers to cause SQL injection attacks...
imgurl跨站脚本漏洞
imgurl is a simple, pure graph bed program developed using PHP + SQLite 3. A cross-site scripting vulnerability exists in imgURL version 2.31, which allows attackers to trigger cross-site scripting via the X-Forwarded-For HTTP header...