GHSA-74M5-2C7W-9W3X MultipartParser denial of service with too many fields or files

Impact The MultipartParser using the package python-multipart accepts an unlimited number of multipart parts form fields or files. Processing too many parts results in high CPU usage and high memory usage, eventually leading to an OOM process kill. This can be triggered by sending too many small...

MultipartParser denial of service with too many fields or files

Impact The MultipartParser using the package python-multipart accepts an unlimited number of multipart parts form fields or files. Processing too many parts results in high CPU usage and high memory usage, eventually leading to an OOM process kill. This can be triggered by sending too many small...

Shopxp v8.0 SQL Injection 0day

系统使用了早期的枫叶防注系统，只过滤了GET，并且可以绕过，这里不谈绕过的问题了，我们看到 xplistpl.asp 9-36行代码： table width="100%" border="0" cellspacing="0" cellpadding="0" tr td width="88%"TABLE cellSpacing=0 cellPadding=0 width=100% align=center border=0 TBODY TR td width="1" background="imgshopxp/xiao/bgbg.gif"/td TD class=b vAlign=top...