5 matches found
GHSA-HFRV-H3Q8-9JPR kurwov vulnerable to Denial of Service due to improper data sanitization
Summary An unsafe sanitization of dataset contents on the MarkovDatagetNext method used in Markovgenerate and Markovchoose allows a maliciously crafted string on the dataset to throw and stop the function from running properly. Details...
Stored XSS in "DATA IMPORTS" module
Description Due to improper data sanitization and validation in "DATA IMPORTS" module allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected. Payload In this PoC, I can inject into "Address" and "City" fields when importing new user by using the...
mIRC URI Handler Remote Code Execution (CVE-2019-6453)
A remote code execution vulnerability exists in mIRC. The vulnerability is due to improper sanitization of user-supplied data which may be passed to the application as an option. Successful exploitation could result in code execution on the target machine in the context of the application...
WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities - Windows
WordPress is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ICQ 2003 - Webfront Guestbook Cross-Site Scripting
ICQ 2003 - Webfront Guestbook Cross-Site Scripting source: https://www.securityfocus.com/bid/8563/info It has been reported that ICQ Webfront is prone to a cross-site scripting vulnerability in the message field of the guestbook module. This issue is caused by improper sanitization of user-suppli...