10 matches found
EUVD-2022-3678
Malicious code in bioql PyPI...
CVE-2019-17496
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
GHSA-F3XR-Q258-H7M9 Craft CMS XSS Vulnerability
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
Craft CMS XSS Vulnerability
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
CVE-2019-17496
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
CVE-2019-17496
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
Arbitrary file deletion
Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion...
CVE-2019-17496
Craft CMS prior to 3.3.8 is affected by a stored XSS in the site deletion flow where the name field is mishandled. The issue enables injection through the name field and is limited to Craft CMS versions before 3.3.8; upgrading to 3.3.8 or later is the documented remediation. The CVE description a...
Authorization Bypass
phpmyfaq/phpmyfaq is vulnerable to authorization bypasses. The library does not properly handle the instance ID, allowing a malicious user with admin rights to delete a multi-site master instance...
cscms V4.1.8 version of the background of the existence of arbitrary file deletion vulnerability
Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. cscms V4.1.8 version of the background of the existence of arbitrary file deletion vulnerability, an attacker can be exploited to cause the entire site to be deleted...