CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

EUVD-2022-6480

Malicious code in bioql PyPI...

GHSA-4M2G-668V-JWJX Cross site scripting in getkirby/starterkit

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

Cross site scripting in getkirby/starterkit

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

Cross site scripting

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

CVE-2022-35174

The CVE-2022-35174 entry covers a stored XSS in Kirby’s Starterkit v3.7.0.2, where an attacker can inject a crafted payload into the Tags field to execute arbitrary web scripts/HTML. The vulnerability affects Kirby Starterkit’s Tags handling, with a CVSS v3.1 base score of 5.4 (Medium) and all us...

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

Kirby 跨站脚本漏洞

Kirby is a file-based content management system CMS. A cross-site scripting vulnerability exists in Kirby Starterkit version v3.7.0.2. An attacker can execute arbitrary web script or HTML via a specially crafted payload injected into the Tags field...

Authentication flaw

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Unlimited physical access to the PLC may lead to a manipulation of SD cards data. SD card manipulation may lead to an authentication bypass opportunit...

CVE-2019-10997

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

CVE-2019-10997

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

Code injection

An issue was discovered on Phoenix Contact AXC F 2152 No.2404267 before 2019.0 LTS and AXC F 2152 STARTERKIT No.1046568 before 2019.0 LTS devices. Protocol Fuzzing on PC WORX Engineer by a man in the middle attacker stops the PLC service. The device must be rebooted, or the PLC service must be...

alo7-airflow (>=1.10.0 <=1.10.0.7), autologin (>=0.1.1 <=0.1.3) +3 more potentially affected by CVE-2018-16516 via flask-admin (>=1.4.0 <=1.5.2)

flask-admin PYPI version =1.4.0, =1.10.0, =0.1.1, =0.6.7.post3, =4.2.6, =0.1.0, =0.2.0 Source cves: CVE-2018-16516 Source advisory: OSV:PYSEC-2018-54...