Lucene search
+L

5 matches found

Veracode
Veracode
added 2023/10/27 6:4 a.m.12 views

Cross-site Scripting (XSS)

baserproject/basercms is vulnerable to Cross-site Scripting XSS. The vulnerability in the favorite feature of form.php because it fails to properly escape malicious characters before rendering. This allows an attacker to inject and execute malicious JavaScript in the web browser when accessing th...

6.1CVSS6.7AI score0.0047EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2021/09/15 12:0 a.m.18 views

body-parser-xml code issue vulnerability

body-parser-xml is an XML body parser that converts incoming XML data into a JSON representation. a code issue vulnerability exists in body-parser-xml, which stems from an error in the product's implementation of certain functionality. No details of the vulnerability are currently available...

9.8CVSS3.5AI score0.01299EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/12/26 5:31 a.m.30 views

CVE-2020-35284

Flamingo aka FlamingoIM through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation details can be easily determined because the product'...

7.7AI score0.01617EPSS
Exploits1References1
Prion
Prion
added 2019/03/28 6:29 a.m.17 views

Deserialization of untrusted data

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...

7.5CVSS9.7AI score0.21238EPSS
Exploits1References2Affected Software1
Packet Storm
Packet Storm
added 2010/06/12 12:0 a.m.24 views

FaraBord Product's Shell Upload / Cross Site Scripting

Securitylab.ir Application Info: Name: FaraBord Product's Vendor: http://farabord.com Vulnerability Info: Type: Remote Arbitrary File Upload,XSS Risk: High Remote File Upload: http://site.ir/fckeditor/editor/filemanager/upload/test.html Shell.asp Rename to Shell.ASA Uploaded Here:...

Exploits0
Rows per page
Query Builder