9 matches found
SQL Injection
Overview org.xwiki.platform:xwiki-platform-oldcore is a generic wiki platform offering runtime services for applications built on top of it. Affected versions of this package are vulnerable to SQL Injection via the searchDocuments API. An attacker can execute arbitrary SQL queries on the underlyi...
Pimcore 跨站脚本漏洞
Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A cross-site scripting vulnerability exists in...
Stored XSS in module name "Search Documents"
Description The search documents function was infected with xss because the title payload was not filtered resulting in xss when searching to /de. Proof of Concept 1.Go to edit page title /de 2.Enter this xss code 3.Go to "Search Documents" and type in "77" search box to find /de -- xss will be...
Malicious code in perf-search-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb586cca0b2de02fff1057f548dba4887dd3b2ffaec498d2fb80432bef8ec9f7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5989 Malicious code in search-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d766a559ac60a5a49bdcf49f60e171420b152d4eb98b8f941c094927f0a5058 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in search-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d766a559ac60a5a49bdcf49f60e171420b152d4eb98b8f941c094927f0a5058 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @azure-tests/perf-search-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f2237723a6fdf9b67623ef054f822f99d0e07663d04182ba616f88121f800b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1375 Malicious code in azure-search-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 593f8130bfe080437256f79540f957cb19721fc1caa66b41f5874e0f0fbcc80d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in azure-search-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 593f8130bfe080437256f79540f957cb19721fc1caa66b41f5874e0f0fbcc80d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...