Gila CMS 跨站脚本漏洞

Gila CMS is an open source content management system CMS based on PHP and MySQL from Gila CMS. A cross-site scripting vulnerability exists in Gila CMS version 1.10.9, which stems from the parameter content in file /cm/updaterows/page?id=2 that can lead to a cross-site scripting attack...

An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count.

...

Buffer Overflow

Overview rockhopper is a package that works with ragged rows with different lengths 2D NumPy arrays. Affected versions of this package are vulnerable to Buffer Overflow through the manipulation of the argument raw in the countrows function. An attacker can execute arbitrary code by supplying...

CVE-2024-1078

The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aysquickstart and addquestionrows functions in all versions up to, and including, 6.5.2.4. This makes it possible for authenticated attackers, with subscriber-level acce...

WordPress Plugin Quiz Maker Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-16539 · WordPress · Quiz Maker

Name of the Vulnerable Software and Affected Versions: The Quiz Maker plugin for WordPress versions up to, and including, 6.5.2.4 Description: The issue is related to a missing capability check on the ays quick start and add question rows functions. This allows authenticated attackers with...

UBUNTU-CVE-2023-38618

Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the intege...

GHSA-C2V4-CHX5-VFF6 Duplicate Advisory: Integer overflow in cmark-gfm table parsing extension leads to heap memory corruption

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-fmx4-26r3-wxpf. This link is maintained to preserve external references. Original Description CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result...

DEBIAN-CVE-2024-22051

CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker...

UBUNTU-CVE-2024-22051

CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker...

postgresql: MERGE fails to enforce UPDATE or SELECT row security policies

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows...

PySQLRecon - Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon

PySQLRecon is a Python port of the awesome SQLRecon project by @sanjivkawa. See the commands section for a list of capabilities. Install PySQLRecon can be installed with pip3 install pysqlrecon or by cloning this repository and running pip3 install . Commands All of the main modules from SQLRecon...

CVE-2023-43887

Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the numtilecolumns and numtilerow parameters in the function picparameterset::dump...

PT-2023-8875 · Libde265 +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.12 Description: The issue is related to a buffer overflow in the pic parameter set::dump function of the h.265 Libde265 video codec, specifically through the num tile columns and num tile row parameters. This could allow ...

CVE-2023-45367

An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cuuseragentclienthints, leading to a...

HelpDezk SQL Injection Vulnerability

HelpDezk is a powerful software from HelpDezk Inc. for managing requests/events. HelpDezk version 1.1.10 suffers from a SQL injection vulnerability that originates from allowing a remote attacker to send a specially crafted SQL query to the rows parameter of the jsonGrid routing and extract all...

ALPINE-CVE-2023-39418

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows...

CVE-2020-20726

Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/updaterows/user parameter...

CVE-2020-20726

Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/updaterows/user parameter...

Cross site request forgery (csrf)

Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/updaterows/user parameter...