33 matches found
EUVD-2006-0379
Malware in sbrugna...
CVE-2020-26303
A flaw was found in the insane package, a whitelist-oriented HTML sanitizer. Affected versions of this package contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). Mitigation: Mitigation for this issue is either not available or the currently...
insane vulnerable to Regular Expression Denial of Service
insane is a whitelist-oriented HTML sanitizer. Versions 2.6.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available...
7ghost (>=4.11.16 <=4.11.46), @abhilashgoswami/block-text (>=0.0.6 <=0.0.7) +225 more potentially affected by CVE-2020-26303 via insane (>=2.4.0 <=2.6.2)
insane NPM version =2.4.0, =4.11.16, =0.0.6, =0.0.8, =8.3.28-ST.0, =0.2.0, =0.0.2-canary.1.10.0, =2.35.0, =14.42.1-canary.1016.19978.0, =0.1.0, =22.0.0, =0.1.0, =1.9.3, =0.1.0, =0.13.85 and more Source cves: CVE-2020-26303 Source advisory: OSV:GHSA-W455-MFQ9-HF74...
CVE-2020-26303 GHSL-2020-289: Regular Expression Denial of Service (ReDoS) in insane
insane is a whitelist-oriented HTML sanitizer. Versions 2.6.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available...
CVE-2020-26303
The CVE-2020-26303 entry concerns the insane HTML sanitizer. Affected versions are 2.6.2 and earlier. The underlying issue is a Regular Expression Denial of Service (ReDoS) vulnerability in one or more regular expressions used by the sanitizer. Public documentation indicates that as of publicatio...
insane security vulnerability
insane is a streamlined and configurable whitelist-oriented HTML cleanup tool from the individual developer Nicolás Bevacqua. A security vulnerability exists in insane version 2.6.2 and prior versions, which stems from the presence of a regular expression denial of service vulnerability...
PT-2024-10793 · Insane · Insane
Name of the Vulnerable Software and Affected Versions: insane versions 2.6.2 and prior Description: The issue concerns a whitelist-oriented HTML sanitizer that contains one or more regular expressions vulnerable to Regular Expression Denial of Service (ReDoS). No known patches are available as of t...
CVE-2019-1010218
Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 Current stable is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv0 to an insane length with execl. The fixed version is: There's no fix ye...
Buffer overflow
Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 Current stable is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv0 to an insane length with execl. The fixed version is: There's no fix ye...
AdaptCMS 3.0.3 XSS / Remote Code Execute Vulnerabilities
AdaptCMS version 3.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due to the improper verification of uploaded files. This can be exploited to execute arbitrary PHP code by creating or uploading a malicious PHP script file that will be stored in...
AdaptCMS 3.0.3 - Multiple Vulnerabilities
AdaptCMS 3.0.3 - Multiple Vulnerabilities !/usr/bin/env python AdaptCMS 3.0.3 Remote Command Execution Exploit Vendor: Insane Visions Product web page: http://www.adaptcms.com Affected version: 3.0.3 Summary: AdaptCMS is a Content Management System trying to be both simple and easy to use, as wel...
AdaptCMS 3.0.3 Cross Site Scripting
AdaptCMS 3.0.3 Multiple Persistent XSS Vulnerabilities Vendor: Insane Visions Product web page: http://www.adaptcms.com Affected version: 3.0.3 Summary: AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can...
AdaptCMS 3.0.3 HTTP Referer Header Field Open Redirect Vulnerability
Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...
AdaptCMS 3.0.3 Multiple Persistent XSS Vulnerabilities
Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...
AdaptCMS 3.0.3 Remote Command Execution
!/usr/bin/env python AdaptCMS 3.0.3 Remote Command Execution Exploit Vendor: Insane Visions Product web page: http://www.adaptcms.com Affected version: 3.0.3 Summary: AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only s...
AdaptCMS 3.0.3 HTTP Referer Header Open Redirect
AdaptCMS 3.0.3 HTTP Referer Header Field Open Redirect Vulnerability Vendor: Insane Visions Product web page: http://www.adaptcms.com Affected version: 3.0.3 Summary: AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only...
AdaptCMS 3.0.3 Remote Command Execution Exploit
Summary AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system...