CVE-2022-45133

Affected software: Mahara. Vulnerable versions: 21.10 < 21.10.6, 22.04 < 22.04.4, 22.10

CVE-2025-49577

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1...

CVE-2025-49577

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1...

CVE-2025-49576

Summary (mode C): CVE-2025-49576 affects the Citizen MediaWiki skin (StarCitizenTools) used in Wikis that employ the Citizen skin. The vulnerability arises because the system messages citizen-search-noresults-title and citizen-search-noresults-desc are inserted into raw HTML, allowing an attacker...

CVE-2018-14056

ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories...

Winamp skin.xml皮肤文件处理缓冲区溢出漏洞

BUGTRAQ ID: 34009 Winamp是一款流行的媒体播放器，支持多种文件格式。 如果Winamp受骗加载了恶意的皮肤文件的话，就可能触发缓冲区溢出，导致在用户系统上执行任意代码。 Nullsoft Winamp 5.541 厂商补丁： Nullsoft -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.winamp.com/ http://www.sebug.net/exploit/5933/...

CVE-2000-1112

Microsoft Windows Media Player 7 executes scripts in custom skin .WMS files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability...