25 matches found
jsoup 跨站脚本漏洞
Github jsoup is a Java library for working with real-world HTML. A security vulnerability exists in versions of jsoup prior to 1.15.3, which stems from the possibility that uncleaned input may be retained...
The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures for cleaning incoming data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
AbanteCart 1.2.7 Cross Site Scripting
Exploit Title: AbanteCart 1.2.7 Stored XSS Date: 06-12-2016 Software Link: http://www.abantecart.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description By default all user input is escaped using...
The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure
In the HID driver for the Zeroplus gaming manipulator, there is no mechanism for cleaning the entered information, which leads to local service failure...
The vulnerability of the Ruby Colorscore interpreter extension, which allows a hacker to execute arbitrary code.
The vulnerability of the class initialization method Histogram lib/colorscore/histogram.rb in the Ruby Colorscore extension is related to the lack of measures to clean input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using metasymbols in variables like...