17 matches found
EUVD-2021-28966
Malicious code in bioql PyPI...
EUVD-2021-28583
Malicious code in bioql PyPI...
Tad Uploader License Issue Vulnerability
Tad Uploader is a file upload management module from the individual developers of Tad in Taiwan, China. An authorization issue vulnerability exists in Tad Uploader, which could be exploited by remote attackers to modify the names of folders in a booklist using this feature without logging in...
Tad Uploader Cross-Site Scripting Vulnerability
Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...
CVE-2021-41976
Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers can use the function to amend the folder names in the book list without logging in...
CVE-2021-41976
Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers can use the function to amend the folder names in the book list without logging in...
CVE-2021-41567
The new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
CVE-2021-41567
The new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
Cross site scripting
The new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
CVE-2021-41976 Tad Uploader - Improper Authorization
Tad Uploader edit book list function is vulnerable to authorization bypass, thus remote attackers can use the function to amend the folder names in the book list without logging in...
CVE-2021-41976
The CVE refers to Tad Uploader where the edit book list function is vulnerable to an authorization bypass, allowing remote attackers to amend folder names in the book list without logging in. Affected product is Tad Uploader; the root cause is improper authorization on the book list edit operatio...
CVE-2021-41567 Tad Uploader - Stored XSS
The new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks...
CVE-2021-41567
The CVE-2021-41567 entry describes stored XSS in Tad Uploader’s view book list function, caused by insufficient filtering of the add subject parameter. Unauthenticated attackers can remotely inject JavaScript and execute client-side code. This vulnerability is corroborated by multiple connected r...
Tad Uploader Access Control Error Vulnerability
Tad Uploader is a file upload management module from the individual developers of Tad in Taiwan, China. An authorization issue vulnerability exists in Tad Uploader, which could be exploited by remote attackers to modify the names of folders in a booklist using this feature without logging in...
PT-2021-23464 · Unknown · Tad Uploader
Name of the Vulnerable Software and Affected Versions: Tad Uploader affected versions not specified Description: The Tad Uploader edit book list function is vulnerable to authorization bypass. This allows remote attackers to amend the folder names in the book list without logging in...
Tad Uploader Cross-Site Scripting Vulnerability
Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...
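xoops tad_uploader Module Upload Vulnerability
Xoops is a very popular dynamic web content management system written in object-oriented PHP. When the catsn parameter of the xoops taduploader module is a space, arbitrary files can be uploaded to the uploads/taduploader/ directory. Xoops 2.4.3 Vendor patch: Xoops ----- The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version: http://xoops.sourceforge.net/ FORM action='http://URL/modules/taduploader/index.php' method='POST'...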