FOG 跨站脚本漏洞

FOG is an open-source computer cloning and management system developed by the FOG Project. Versions of FOG prior to 1.5.10.1812 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient server-side parameter cleaning and the lack of HTML escaping in list tables,...

YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection

Exploit Title: YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection Date: 2020-04-25 Exploit Author: coiffeur Vendor Homepage: https://yeswiki.net/ Software Link: https://yeswiki.net/, https://github.com/YesWiki/yeswiki Version: YesWiki cercopitheque OPTIONS... DESCRIPTION: -lt, list tables. -...

wordpress: multiple issues

CVE-2015-5714 cross-side scripting A cross-site scripting vulnerability has been discovered when processing shortcode tags. - CVE-2015-5715 insufficient permission restriction A vulnerability has been discovered, allowing users without proper permissions to publish private posts and make them...

Debian Security Advisory DSA 3375-1 (wordpress - security update)

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-5714 A cross-site scripting vulnerability when processing shortcode tags has been discovered. The issue has been fixed by not allowing unclosed HTML elements in attributes. CVE-2015-5715 A vulnerability ha...