CMSimple cross-site scripting vulnerability (CNVD-2026-0082457)

CMSimple is a free content management system. CMSimple suffers from a cross-site scripting vulnerability that stems from the Filebrowser external input field not properly filtering or encoding user-supplied content for output. An attacker can exploit the vulnerability by constructing malicious...

CVE-2024-31161 ASUS Download Master - Arbitrary File Upload

The upload functionality of ASUS Download Master does not properly filter user input. Remote attackers with administrative privilege can exploit this vulnerability to upload any file to any location. They may even upload malicious web page files to the website directory, allowing arbitrary system...

showdoc 跨站脚本漏洞

showdoc is an open source tool ideal for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability, which stems from the lack of valid detection of .aspx file extensions in the application's file upload feature. An attacker could exploit this...

USN-4800-1 lynx vulnerabilities

It was discovered that Lynx incorrectly handled certain URLs. A remote attacker could possibly use this issue to obtain sensitive information or other unspecified impact. This issue only affected Ubuntu 16.04 ESM. CVE-2016-9179 It was discovered that Lynx incorrectly handled certain HTML files. A...