30 matches found
PT-2021-23358 · Suitecrm · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.10.33 SuiteCRM versions prior to 7.11.22 Description: The issue allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the...
CVE-2013-7351
Multiple cross-site scripting XSS vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the 1 showRSS, 2 showATOM, or 3 showDailyRSS function; a 4 file name to the importFile function; or 5 vectors related to bookmarks...
DEBIAN-CVE-2013-7351
Multiple cross-site scripting XSS vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the 1 showRSS, 2 showATOM, or 3 showDailyRSS function; a 4 file name to the importFile function; or 5 vectors related to bookmarks...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the 1 showRSS, 2 showATOM, or 3 showDailyRSS function; a 4 file name to the importFile function; or 5 vectors related to bookmarks...
CVE-2013-7351
Multiple cross-site scripting XSS vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the 1 showRSS, 2 showATOM, or 3 showDailyRSS function; a 4 file name to the importFile function; or 5 vectors related to bookmarks...
CVE-2013-7351
CVE-2013-7351 corresponds to multiple XSS flaws in Shaarli’s index.php. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML by crafting the URL for: (1) showRSS, (2) showATOM, (3) showDailyRSS; (4) a file name to importFile; or (5) vectors related to bookmarks. Conne...
CVE-2013-7351
Multiple cross-site scripting XSS vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the 1 showRSS, 2 showATOM, or 3 showDailyRSS function; a 4 file name to the importFile function; or 5 vectors related to bookmarks...
CVE-2013-7351
Multiple cross-site scripting XSS vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the 1 showRSS, 2 showATOM, or 3 showDailyRSS function; a 4 file name to the importFile function; or 5 vectors related to bookmarks...
VulnCheck KEV: CVE-2013-5912
VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows remote attackers to execute arbitrary code via a URL in the fileName parameter during an importFile action...
Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit
Exploit for windows platform in category remote exploits require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro...