18 matches found
CVE-2022-31447
An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...
EUVD-2020-21315
Malware in sbrugna...
EUVD-2022-52917
Malicious code in bioql PyPI...
CVE-2020-28927
There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload...
CVE-2022-31447
An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...
CVE-2022-31447
An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...
CVE-2022-31447
An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...
Xxe
An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...
CVE-2022-31447
CVE-2022-31447 is an XXE (XML External Entity) vulnerability affecting Magicpin v3.4. The issue allows an attacker to access sensitive database information by processing a crafted SVG file, indicating a flaw in how SVG/XML input is parsed. Root cause: XML external entity handling weakness in the ...
CVE-2022-31447
An XML external entity XXE injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file...
Samast Technologies Magicpin 代码问题漏洞
Samast Technologies Magicpin is a Samast Technologies India application that combines parts of Zomato restaurant discovery and reviews and Roposo theme-based social media network on the consumer side and Freshdesk customer management application on the restaurant side. applications. A security...
Magicpin Cross-Site Scripting Vulnerability
Magicpin is an Indian hyperlocal lifestyle services exploration platform. Based on geographic location, it helps merchants and users to interact and communicate, mainly providing users with information on promotional and discounted activities, content changes, merchant dynamics, as well as social...
CVE-2020-28927
There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload...
CVE-2020-28927
There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload...
Cross site scripting
There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload...
CVE-2020-28927
CVE-2020-28927 involves a stored XSS in Magicpin v2.1, specifically in the User Registration flow. The vulnerability triggers when an admin visits the Manage User section from the admin panel, allowing a crafted payload to steal cookies. The connected RedHat/CNVD/NVD/CVE references corroborate a ...
CVE-2020-28927
There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload...
Magicpin 跨站脚本漏洞
Magicpin is an Indian hyperlocal lifestyle services exploration platform. Based on geographic location, it helps merchants and users to interact and communicate, mainly providing users with information on promotional and discounted activities, content changes, merchant dynamics, as well as social...