33 matches found
EUVD-2009-4389
Malware in sbrugna...
EUVD-2008-5665
Malware in sbrugna...
EUVD-2024-38333
Malicious code in bioql PyPI...
CVE-2024-39165
QR/demoapp/qrimage.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the...
CVE-2024-39165
QR/demoapp/qrimage.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the...
CVE-2024-39165
QR/demoapp/qrimage.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the...
Asial JpGraph Security Vulnerability
Asial JpGraph is an object-oriented PHP graph creation library from Asial. A security vulnerability exists in Asial JpGraph version 4.2.6-pro and prior versions. A remote attacker can use this vulnerability to execute arbitrary code via a PHP load in the data parameter and a .php filename in the...
CVE-2024-39165
Summary: CVE-2024-39165 affects Asial JpGraph Professional up to version 4.2.6-pro. The vulnerability arises from the presence of an unnecessary QR/demoapp folder, enabling a remote attacker to execute arbitrary PHP code via a payload placed in the data parameter and a .php filename in the filena...
ldwarf.ipac.caltech.edu XSS vulnerability
Vulnerable URL: http://ldwarf.ipac.caltech.edu/jpgraph-2.2/src/Examples/show-example.php?target=dateaxisex4.phpKNOXSS Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
Mantis 0.15.x/0.16/0.17.x JPGraph Remote File Include Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5504/info Mantis depends on include files to provide some functionality, such as dynamic generation of graphs. However, since Mantis does not properly validate the path to the include file, it is possible for attackers to...
Elastix 2.4.0 Cross Site Scripting
Exploit Title: Elastix 2.4.0 Multiple XSS Date: 17 Nov 2013 Author: Bassem - Unshield Team Contact: Securityatunshielddotnet Software Link: http://www.elastix.org/ Version: 2.4.0 , works for same libs exist also on Elastix 3.0.0 Alpha Tested on: 2.4.0...
JpGraph Multiple Cross-Site Scripting Vulnerabilities
The host is running JpGraph and is prone to multiple Cross-Site Scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbjpgraphmultxssvuln.nasl 5306 2017-02-16 09:00:16Z teissa $ JpGraph Multiple Cross-Site Scripting Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...
JpGraph <= 3.0.6 Multiple XSS Vulnerabilities
JpGraph is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
JpGraph Detection (HTTP)
HTTP based detection of JpGraph. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.800413";...
Mandriva Security Advisory MDVSA-2009:340 (jpgraph)
The remote host is missing an update to jpgraph announced via advisory MDVSA-2009:340. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandriva Security Advisory MDVSA-2009:340 (jpgraph)
The remote host is missing an update to jpgraph announced via advisory MDVSA-2009:340. OpenVAS Vulnerability Test $Id: mdksa2009340.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:340 jpgraph Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
[ MDVSA-2009:340 ] jpgraph
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:340 http://www.mandriva.com/security/ Package : jpgraph Date : December 26, 2009 Affected: Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in jpgraph:...
CVE-2009-4422
Multiple cross-site scripting XSS vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csiminhtmlex1.php, and other unspecified vectors...
CVE-2009-4422
Multiple cross-site scripting XSS vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csiminhtmlex1.php, and other unspecified vectors...
CVE-2009-4422
CVE-2009-4422 corresponds to multiple cross-site scripting (XSS) vulnerabilities in Aditus Consulting JpGraph 3.0.6, specifically in the GetURLArguments function inside jpgraph.php. The public description indicates remote attackers can inject arbitrary web script or HTML via a key to csim_in_html...