92 matches found
EUVD-2016-1401
Malware in sbrugna...
EUVD-2017-15016
Malware in sbrugna...
EUVD-2017-15961
Malware in sbrugna...
EUVD-2017-16239
Malware in sbrugna...
EUVD-2016-1400
Malware in sbrugna...
EUVD-2016-1408
Malware in sbrugna...
EUVD-2017-15030
Malware in sbrugna...
EUVD-2017-15031
Malware in sbrugna...
EUVD-2017-15449
Malware in sbrugna...
EUVD-2017-15593
Malware in sbrugna...
EUVD-2017-15448
Malware in sbrugna...
EUVD-2022-3447
Malicious code in bioql PyPI...
GHSA-R8VH-CM9F-RC29 Magmi XSS Vulnerability
A Cross-Site Scripting XSS was discovered in Magmi 0.7.22. The vulnerability exists due to insufficient filtration of user-supplied data prefix passed to the magmi-git-master/magmi/web/ajaxgettime.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...
GHSA-9V3W-M552-M6FF Pi Cross-site Scripting vulnerability
A Cross-Site Scripting XSS was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data preview passed to the pi-develop/www/script/editor/markitup/preview/markdown.php URL. An attacker could execute arbitrary HTML and script code in a browse...
Pi Cross-site Scripting vulnerability
A Cross-Site Scripting XSS was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data preview passed to the pi-develop/www/script/editor/markitup/preview/markdown.php URL. An attacker could execute arbitrary HTML and script code in a browse...
Cross-site Scripting (XSS)
paypal/merchant-sdk-php is vulnerable to cross-site scriptingXSS attacks. The vulnerability exists due to insufficient filtration of user-supplied data in token HTTP GET parameter in samples/AccountAuthentication/GetAuthDetails.html.php, allowing a malicious user to inject and execute arbitrary w...
Cross site scripting
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON-Auto-Dialer-Agents-Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable applicati...
Node.js third-party modules: [markdown-pdf] Local file reading
I would like to report local file reading in markdown-pdf It allows to insert a malicious html code, which allows to read the local files. Module module name: markdown-pdf version: 8.1.1 npm page: https://www.npmjs.com/package/markdown-pdf Module Description Node module that converts Markdown fil...
CVE-2017-17057
There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...
CVE-2017-17057
There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...