CVE-2018-25245

CVE-2018-25245 affects Microsoft 7 Tik 1.0.1.0 and is a denial-of-service vulnerability in the search functionality. The underlying issue is that submitting excessively long input strings (e.g., a 7700-character buffer) can crash the application, impacting availability. The connected documents pr...

Linux Distros Unpatched Vulnerability : CVE-2023-49921

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents...

CVE-2023-49921

An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessi...

Farsicom CMS Cross Site Scripting

cross site scripting XSS Vulnerability + Portal Name : farsicome cms + software : http://www.farsicom.com + Author : d3c0der + Contact : [email protected] + spt : netqurd - m44r3k - l3l4ck.$c0rpi0n- bl4ckl0rd ------------------------------------------------------------------------------------ +...

CMSimple index.php search Function XSS

The remote host is running CMSimple, a CMS written in PHP. The version of CMSimple installed on the remote host is prone to cross-site scripting attacks due to its failure to sanitize user-supplied input to the search field. %NASLMINLEVEL 70300 Josh Zlatin-Amishav josh at ramat dot cc GPLv2 Chang...