Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:2 a.m.7 views

CVE-2018-16622

Multiple cross-site scripting XSS vulnerabilities in /api/content/addOne in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 discription or 2 comments field, related to users/userAddContent...

5.4CVSS5.9AI score0.00788EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/09/08 12:0 a.m.6 views

多款 XWiki Platform 产品代码注入漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from XWiki France. A security vulnerability exists in the XWiki Platform Tag UI versions prior to 13.10.6 and 14.4, which stems from the fact that the tag document "Main.Tags" is not properly cleaned up from...

9.9CVSS8.4AI score0.73608EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2019/04/24 12:0 a.m.219 views

RARLAB WinRAR ACE Format Input Validation Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework TODO: add other non-payload files class MetasploitModule 'RARLAB WinRAR ACE Format Input Validation Remote Code Execution', 'Description' = %q In WinRAR versions prior t...

6.8CVSS0.3AI score0.96274EPSS
Exploits13
CNVD
CNVD
added 2015/06/05 12:0 a.m.4 views

Moodle 'tag/user.php' Security Bypass Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security bypass vulnerability exists in the Moodle 'tag/user.php' script. The vulnerability is due to the program failing to check th...

4CVSS6.9AI score0.01712EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2011/04/26 12:0 a.m.22 views

phpList 2.10.x - 'email' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47580/info PHPList is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/27 12:0 a.m.25 views

Ceica-GW - 'login.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40917/info Ceica-GW is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/04/29 12:0 a.m.19 views

PeerCast 0.1218 - 'getAuthUserPass' Multiple Buffer Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/28986/info PeerCast is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer. Successfully exploiting these issues will allow an attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/10/05 12:0 a.m.25 views

Microsoft Virtual Machine 2000/3100/3200/3300 Series - 'com.ms.activeX.ActiveXComponent' Arbitrary Program Execution

source: https://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted java object into a HTML document, it would be possible to execute arbitrary programs on a target host viewing the webpage through either Microsoft Internet Explorer or Outlook. Th...

7.4AI score
Exploits0
Rows per page
Query Builder