Lucene search
K

4 matches found

Hacker One
Hacker One
added 2023/03/24 12:43 a.m.6 views

Flickr: High resource consumption by insufficient sanitization of forum threads pagination

The forum threads pagination functionality was insufficiently sanitized, leading to high resource consumption. When a page number was provided in the URL that exceeded the number of available pages, an infinite loop was triggered, generating excessive markup on each iteration. The issue was...

6.8AI score
Exploits0
CNNVD
CNNVD
added 2021/04/09 12:0 a.m.4 views

MediaWiki 访问控制错误漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.31.12 and versions prior to 1.32.x series 1.35.x...

4.3CVSS5.6AI score0.01212EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2021/04/09 12:0 a.m.4 views

PT-2021-3351 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.12 and earlier MediaWiki versions 1.32.x through 1.35.x before 1.35.2 Description: The issue is related to the ContentModelChange function in MediaWiki, which lacks proper authorization. This allows a remote attacker t...

9.8CVSS6AI score0.03832EPSS
Exploits18References99
Exploit DB
Exploit DB
added 2011/03/27 12:0 a.m.19 views

Cetera eCommerce - Multiple Cross-Site Scripting / SQL Injections

source: https://www.securityfocus.com/bid/47044/info Cetera eCommerce is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...

7AI score
Exploits0
Rows per page
Query Builder