1864 matches found
CVE-2023-31806
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function...
Cross site scripting
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function...
kernel: blk-mq: avoid double ->queue_rq() because of early timeout
In the Linux kernel, the following vulnerability has been resolved: blk-mq: avoid double -queuerq because of early timeout David Jeffery found one double -queuerq issue, so far it can be triggered in VM use case because of long vmexit latency or preempt latency of vCPU pthread or long page fault ...
Chamilo LMS 跨站脚本漏洞
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A cross-site scripting vulnerability exists in Chamilo LMS version v.1.11.18....
WordPress Progress Bar Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Progress Bar Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23699 Patch priority Low CVSS severity Low 6.5 Developer jazzs3quence PSID f509ee490678 Credits yuyudhn Required privilege...
wip 命令注入漏洞
wip is a simple WIP Github operation written in Bash by the German individual developer Michael Gasch. A command injection vulnerability exists in versions prior to wip v2, which stems from string interpolation leading to a command injection vulnerability...
Progress Flowmon 路径遍历漏洞
Progress Flowmon is a real-time network traffic monitoring tool from Progress. A security vulnerability exists in Progress Flowmon versions prior to 12.2.0, which stems from a path traversal vulnerability that can be exploited by an attacker to retrieve files on the device's local file system...
Progress Flowmon 跨站脚本漏洞
Progress Flowmon is a real-time network traffic monitoring tool from Progress. A security vulnerability exists in versions of Progress Flowmon prior to 12.2.0, which stems from an application endpoint's inability to clean up user-supplied input, and which can be exploited by an attacker to execut...
PT-2025-41064
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel has a flaw related to the md Multiple Devices subsystem. Specifically, the status resync function can experience a soft lockup during the calculation of 'curr resync -...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
Code injection
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
Design/Logic Flaw
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
CVE-2023-29376
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potential XSS by privileged users in Sitefinity to media libraries...
CVE-2023-29375
An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647, 14.0 before 14.0.7736, 14.1 before 14.1.7826, 14.2 before 14.2.7930, and 14.3 before 14.3.8025. There is potentially dangerous file upload through the SharePoint connector...
CVE-2023-29376
Product affected: Progress Sitefinity (versions 13.3.x up to 13.3.7646; 14.0 up to 14.0.7735; 14.1 up to 14.1.7825; 14.2 up to 14.2.7929; 14.3 up to 14.3.8024).** Vulnerability: Cross-site scripting (XSS) by privileged users targeting media libraries.** CVE: CVE-2023-29376.** Root cause / impact ...
PT-2023-22232 · Progress · Progress Sitefinity
Name of the Vulnerable Software and Affected Versions: Progress Sitefinity versions 13.3 through 13.3.7646 Progress Sitefinity versions 14.0 through 14.0.7735 Progress Sitefinity versions 14.1 through 14.1.7825 Progress Sitefinity versions 14.2 through 14.2.7929 Progress Sitefinity versions 14.3...
Progress Sitefinity 跨站脚本漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity Series 13.3, versions prior to 13.3.7647, Series 14.0, versions prior to 14.0.7736, Series 14.1, versions prior to 14.1.7826, Series 14.2, versions...
Progress Sitefinity 代码问题漏洞
Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity Series 13.3, versions prior to 13.3.7647, Series 14.0, versions prior to 14.0.7736, Series 14.1, versions prior to 14.1.7826, Series 14.2, versions...