178 matches found
Cross site scripting
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...
Cross site scripting
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has be...
CVE-2022-4353
CVE-2022-4353 affects LinZhaoguan pb-cms 2.0, specifically the IpUtil.getIpAddr function. The vulnerability allows cross-site scripting and can be exploited remotely, with exploitation publicly disclosed (VDB-215113). Several connected sources corroborate XSS via IpUtil.getIpAddr and remote attac...
CVE-2022-4354 LinZhaoguan pb-cms Message Board comment cross site scripting
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has be...
CVE-2022-4354 LinZhaoguan pb-cms Message Board comment cross site scripting
A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /blog/comment of the component Message Board. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has be...
PT-2022-26956 · Linzhaoguan · Linzhaoguan Pb-Cms
Name of the Vulnerable Software and Affected Versions: LinZhaoguan pb-cms version 2.0 Description: A vulnerability was found in the Message Board component, specifically affecting some unknown functionality of the file /blog/comment. This issue leads to cross site scripting and can be exploited...
pb-cms 安全漏洞
pb-cms is a content management system by LinZhaoguan Personal Developer. A security vulnerability exists in pb-cms version 2.0, which stems from its IpUtil.getIpAddr function that allows attackers to implement cross-site scripting. The attack method has been made public and can be initiated...
CVE-2022-4353 LinZhaoguan pb-cms IpUtil.getIpAddr cross site scripting
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...
CVE-2022-4354
CVE-2022-4354 affects LinZhaoguan pb-cms 2.0, specifically the /blog/comment function of the Message Board. A cross-site scripting vulnerability is present due to an issue in an unknown functionality, allowing remote exploitation. The vulnerability has been publicly disclosed (VDB-215114). NVD in...
PT-2022-26955 · Linzhaoguan · Linzhaoguan Pb-Cms
Name of the Vulnerable Software and Affected Versions: LinZhaoguan pb-cms version 2.0 Description: A vulnerability has been found in the function IpUtil.getIpAddr, which leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...
pb-professional.pl Cross Site Scripting vulnerability OBB-3072086
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GO-2022-0422 Panic when decoding invalid blocks in github.com/ipld/go-codec-dagpb
The dag-pb codec can panic when decoding invalid blocks...
PT-2022-17563 · Unknown · Go-Codec-Dagpb
Name of the Vulnerable Software and Affected Versions: go-codec-dagpb versions prior to 1.3.1 Description: The dag-pb codec can panic when decoding invalid blocks, due to an assumption that the reported link length is accurate. If the block ends before the reported length, it results in a buffer...
Null pointer dereference
A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 2021-12-06 in bmpload. When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to pb-pdata and did not exit the program. So the program crashes when it tries to access the pb-data, i...
cid (>=0.3.2 <=0.4.0), dag-cbor (=0.1.0) +41 more potentially affected by CVE-2020-35909 via multihash (=0.10.1)
multihash CARGO version =0.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on multihash and may be impacted: - cid =0.3.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.5.1, =0.0.1, =0.0.2 - libipld =0.1.0 - libipld-base =0.1.0 - libipld-core...
pb-autopart.tarad.com Cross Site Scripting vulnerability OBB-1460113
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
OSV-2020-1565 Heap-buffer-overflow in allocate_field
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24586 Crash type: Heap-buffer-overflow WRITE 8 Crash state: allocatefield pbdecstring decodebasicfield...
ambition-edc (>=0.3.68 <=0.3.72), caluma (>=5.2.1 <=5.6.0) +35 more potentially affected by CVE-2020-13596 via django (>=2.2.0 <=2.2.12)
django PYPI version =2.2.0, =0.3.68, =5.2.1, =0.1.0, =0.0.1, =0.0.1, =0.3.0a0, =0.0.1, =0.0.1, =0.0.26 and more Source cves: CVE-2020-13596 Source advisory: OSV:GHSA-2M34-JCJV-45XF...
ambition-edc (>=0.3.68 <=0.3.72), caluma (>=5.2.1 <=5.3.1) +28 more potentially affected by CVE-2020-9402 via django (>=2.2.0 <=2.2.10)
django PYPI version =2.2.0, =0.3.68, =5.2.1, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.26 - django-smorest =0.1.3 - djangorestframework-simplejwt-captcha =1.1.4 - djpub =0.0.1 and more Source cves: CVE-2020-9402 Source advisory: OSV:PYSEC-2020-36...
pb-jb.org Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1039467 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting pb-jb.org website and its...