144 matches found
CVE-2022-45025
Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function...
Markdown Preview Enhanced OS Command Injection Vulnerability
Markdown Preview Enhanced is a super-powerful markdown extension by the individual developer Yiyi Wang. An operating system command injection vulnerability exists in Markdown Preview Enhanced versions v0.6.5 and v0.19.6. An attacker can exploit this vulnerability to perform command injection via t...
CVE-2022-38527
UCMS v1.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page...
Cross site scripting
UCMS v1.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page...
CVE-2022-38527
CVE-2022-38527: UCMS v1.6.0 contains a cross-site scripting (XSS) vulnerability via the Import function in the Site Management page. The provided sources consistently identify UCMS 1.6.0 and the Import function as the vulnerable vector, with the root cause described as an XSS flaw and no public ...
PT-2022-24436 · Ucms · Ucms
Name of the Vulnerable Software and Affected Versions: UCMS version 1.6.0. Description: A cross-site scripting (XSS) issue was found in UCMS via the Import function under the Site Management page. This allows for potential malicious script execution. Recommendations: For UCMS version 1.6.0, consider...
UCMS Cross-Site Scripting Vulnerability
UCMS is a content management system written in PHP. A security vulnerability exists in UCMS v1.6.0, which originates from the fact that an attacker can implement cross-site scripting via the Import function of its web management interface...
The vulnerability of the import function in GitHub’s software platform, based on Git, for collaborative code development on GitLab, allows a perpetrator to execute arbitrary code.
The vulnerability of the import function in GitHub’s software platform for GitLab-based collaborative code development is related to the lack of measures taken to clean up data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2022-0496
A vulnerability was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import...
Openscad Buffer Error Vulnerability
Openscad is open-source software for creating solid 3D CAD objects. Openscad has a security vulnerability that stems from the fact that, when imported using import, a DXF-formatted drawing with certain (not necessarily incorrectly formatted!) attributes may result in an out-of-bounds...
The vulnerability of the import function in GitHub’s software platform, based on Git, for collaborative code development on GitLab, allows a perpetrator to execute arbitrary code.
The vulnerability of the import function in GitHub’s software platform for Git-based collaborative code development on GitLab is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the target system...
CVE-2020-23060
Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file...
SuiteCRM Path Traversal Vulnerability (CNVD-2021-88951)
SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM has a security vulnerability that allows an attacker to include arbitrary files via the filename parameter portion of the Step3 import function...
The vulnerability of the import function implementation (/wp-admin/tools.php?page=rsvpmaker_export_screen) of the RSVPMaker plugin for WordPress content management system allows a hacker to perform an SSRF attack.
The vulnerability of the import function implementation (/wp-admin/tools.php?page=rsvpmaker_export_screen) of the RSVPMaker plugin for the WordPress content management system is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to perfo...
Cross-Site Request Forgery (CSRF) in erikdubbelboer/phpredisadmin
✍️ Description: The Import functionality in the application is vulnerable to CSRF attacks. 🕵️‍♂️ Proof of Concept: history.pushState('', '', '/') 💥 Impact: This vulnerability can let an attacker import data to the database without the knowledge/interaction of the user...
WordPress Plugin RSVPMaker Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists i...