39 matches found
EUVD-2023-23806
Malicious code in bioql PyPI...
EUVD-2023-23730
Malicious code in bioql PyPI...
CVE-2023-1572
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
CVE-2023-1482
A vulnerability, which was classified as problematic, was found in HkCms 2.2.4.230206. This affects an unknown part of the file /admin.php/appcenter/local.html?type=addon of the component External Plugin Handler. The manipulation leads to code injection. It is possible to initiate the attack...
CVE-2023-1572
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
CVE-2023-1572 DataGear Plugin cross site scripting
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
CVE-2023-1572 DataGear Plugin cross site scripting
A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to...
PT-2023-17088 · Datagear · Datagear
Name of the Vulnerable Software and Affected Versions: DataGear versions up to 1.11.1 Description: A vulnerability has been found in the Plugin Handler component of DataGear, which can lead to cross site scripting. The manipulation can be launched on the local host. Upgrading to version 1.12.0 is...
DataGear 跨站脚本漏洞
DataGear is an open source and free data visualization and analysis platform from DataGear, Inc. A cross-site scripting vulnerability exists in versions of DataGear prior to 1.11.1, which stems from a problem with the component Plugin Handler that can lead to cross-site scripting...
CVE-2023-1482
A vulnerability, which was classified as problematic, was found in HkCms 2.2.4.230206. This affects an unknown part of the file /admin.php/appcenter/local.html?type=addon of the component External Plugin Handler. The manipulation leads to code injection. It is possible to initiate the attack...
PT-2023-17019 · Hkcms · Hkcms
Name of the Vulnerable Software and Affected Versions: HkCms version 2.2.4.230206 Description: A problematic issue was found in the External Plugin Handler component, affecting an unknown part of the file /admin.php/appcenter/local.html?type=addon. This issue leads to code injection and can be...
Mozilla Firefox Security Advisory (MFSA2013-10) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
SeaMonkey 2.14.x < 2.15 Multiple Vulnerabilities
Binary data 6670.prm...
Event manipulation in plugin handler to bypass same-origin policy — Mozilla
Mozilla security researcher Jesse Ruderman reported that events in the plugin handler can be manipulated by web content to bypass same-origin policy SOP restrictions. This can allow for clickjacking on malicious web pages...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow (CVE-2010-3552)
Java Technology is a programming platform which aims to provide a system for developing and deploying cross-platform applications. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will allow execution of arbitrar...
CentOS Update for seamonkey CESA-2010:0557 centos3 i386
Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2010:0557 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
CentOS 4 : firefox (CESA-2010:0558)
Updated firefox packages that fix a security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availab...
Mambo/Joomla plugin.class.php脚本远程文件包含漏洞
Mambo(也被称为Joomla)是一款开放源代码的WEB内容管理系统。 Mambo在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 在Mambo的comcomprofiler文件夹的plugin.class.php脚本中: -----------------------plugin.class.php---------------------- ?php / Plugin handler @package Joomla @author various, JoomlaJoe and Beat / requireonce...
Mambo/Joomla com_comprofiler Components <== v1.0 RC 2 Multiple Remote File Include Vulnerabilities
--------------------------------------------------------------------------- Mambo/Joomla comcomprofiler Components == v1.0 RC 2 Multiple Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Date : August, 25th 2006...