14 matches found
EUVD-2018-19001
Malware in sbrugna...
EUVD-2017-15963
Malware in sbrugna...
Shimmie cross-site scripting vulnerability (CNVD-2018-06088)
Shimmie is a set of image panels for installing and configuring Web sites. A cross-site scripting vulnerability exists in Shimmie 2 version 2.6.0, which stems from the program failing to properly handle uploaded SVG files. A remote attacker can exploit the vulnerability by uploading a specially...
Cross site scripting
Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that enables stored XSS...
CVE-2018-7265
Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that enables stored XSS...
CVE-2018-7265
Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that enables stored XSS...
CVE-2018-7265
Shimmie 2 2.6.0 is affected by a stored XSS vulnerability triggered by uploading a crafted SVG file. The root cause is improper handling of uploaded SVGs, allowing attacker-supplied JavaScript to be stored and later executed in the victim’s context. Affected component: the image upload handling i...
CVE-2018-7265
Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that enables stored XSS...
Shimmie Cross-Site Scripting Vulnerability
Shimmie is a danbooru style image board that is easy to install, run and extend. Shimmie suffers from a cross-site scripting vulnerability that arises due to a failure to effectively filter user-submitted data, allowing an attacker to plant arbitrary JavaScript code on the target website to obtai...
Authorization
An issue was discovered in Shimmie = 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
CVE-2017-6909
An issue was discovered in Shimmie = 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
CVE-2017-6909
An issue was discovered in Shimmie = 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...
CVE-2017-6909
CVE-2017-6909 affects Shimmie
CVE-2017-6909
An issue was discovered in Shimmie = 2.5.1. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "shimmie2-master/ext/chatbox/history/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...