12 matches found
magento-lts security vulnerability
magento-lts is OpenMage's open-source, reliable replacement for the official version of Magento CE. A security vulnerability exists in magento-lts versions prior to 20.10.1, which stems from a missing escape that allows arbitrary HTML to be entered...
Cross-Site Scripting (XSS)
collective.dms.basecontent is vulnerable to cross-site scripting. The vulnerability exists in the renderCell function of column.py due to missing escaping, which allows an attacker to inject and execute malicious JavaScript...
WordPress Ninja Forms plugin code issue vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. The Ninja Forms plugin is a form creation component used in it. A code issue exists in the WordPress Ninja Forms plugin before...
Acronis: DOM based XSS in store.acronis.com/<id>/purl-corporate-standard-IT [cfg parameter]
Summary: Hi Acronis team, I found a DOM based XSS in store.acronis.com; this vulnerability arises from a missing escape for the \ character. Steps To Reproduce: 1. Go to:...
Debian DSA-1910-1 : mysql-ocaml - missing escape function
It was discovered that mysql-ocaml, OCaml bindings for MySQL, was missing a function to call mysql_real_escape_string. This is needed, because mysql_real_escape_string honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are used. The adde...
Debian DSA-1909-1 : postgresql-ocaml - missing escape function
It was discovered that postgresql-ocaml, OCaml bindings to PostgreSQL's libpq, was missing a function to call PQescapeStringConn. This is needed, because PQescapeStringConn honours the charset of the connection and prevents insufficient escaping, when certain multibyte character encodings are use...
Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
The remote host is missing an update to ocaml-mysql announced via advisory FEDORA-2009-10582. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) ...
Fedora Core 10 FEDORA-2009-10595 (ocaml-postgresql)
The remote host is missing an update to ocaml-postgresql announced via advisory FEDORA-2009-10595. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyrig...
Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
The remote host is missing an update to ocaml-mysql announced via advisory FEDORA-2009-10582. OpenVAS Vulnerability Test $Id: fcore200910582.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10582 ocaml-mysql Authors: Thomas Reinke Copyright: Copyrigh...
Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
The remote host is missing an update to ocaml-mysql announced via advisory FEDORA-2009-10701. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) ...
Fedora 10 : ocaml-postgresql-1.12.3-1.fc10.2 (2009-10595)
New upstream version 1.12.3. - This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function DSA-1909-1 HOWEVER you are not protected until you change your code to use the new connection#escape_string method. Note that...
[SECURITY] [DSA 1909-1] New postgresql-ocaml packages provide secure escaping
Debian Security Advisory DSA-1909-1 http://www.debian.org/security/ Steffen Joeris October 14, 2009 http://www.debian.org/security/faq -...