Lunary Cross-Site Scripting Vulnerability

lunary is lunary open source a production toolkit for LLM . lunary has a cross-site scripting vulnerability , the vulnerability stems from the failure to escape or validate the user-supplied orgId parameter , an attacker can use the vulnerability to steal user cookies or authentication tokens...

Lunary 跨站脚本漏洞

lunary is lunary open source a production toolkit for LLM . lunary has a cross-site scripting vulnerability , the vulnerability stems from the failure to escape or validate the user-supplied orgId parameter , an attacker can use the vulnerability to steal user cookies or authentication tokens...

Quest KACE System Management Appliance SQL Injection Vulnerability (CNVD-2018-15268)

Quest KACE System Management Appliance is an IT asset management appliance from Quest Software, USA. A SQL injection vulnerability exists in the '/common/downloadagentinstaller.php' script in version 8.0.318 of the Quest KACE System Management Appliance, which originates from the program failing ...

CVE-2018-11136

The 'orgID' parameter received by the '/common/downloadagentinstaller.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection in particular, a blind time-based type...

ProvideChat Cross Site Scripting

Exploit Title: ProvideChat Cross Site Scripting Date: 15.03.2012 Author: Sony Software Link: http://providechat.com Google Dorks: inurl:/chat/unavailable.php?orgId= or intext:powered by providechat Web Browser : Mozilla Firefox Site : http://insecurity.ro PoC:...