Lucene search
K

25 matches found

CNNVD
CNNVD
added 2022/08/29 12:0 a.m.2 views

jsoup 跨站脚本漏洞

Github jsoup is a Java library for working with real-world HTML. A security vulnerability exists in versions of jsoup prior to 1.15.3, which stems from the possibility that uncleaned input may be retained...

6.1CVSS6.8AI score0.01208EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.4 views

The vulnerability of the Adobe Experience Manager content and media data management system, related to the lack of measures for cleaning incoming data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9.8CVSS8.2AI score0.05757EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2016/12/06 12:0 a.m.50 views

AbanteCart 1.2.7 Cross Site Scripting

Exploit Title: AbanteCart 1.2.7 Stored XSS Date: 06-12-2016 Software Link: http://www.abantecart.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description By default all user input is escaped using...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure

In the HID driver for the Zeroplus gaming manipulator, there is no mechanism for cleaning the entered information, which leads to local service failure...

4.7CVSS6.5AI score0.00419EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.8 views

The vulnerability of the Ruby Colorscore interpreter extension, which allows a hacker to execute arbitrary code.

The vulnerability of the class initialization method Histogram lib/colorscore/histogram.rb in the Ruby Colorscore extension is related to the lack of measures to clean input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using metasymbols in variables like...

10CVSS8.2AI score0.0353EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder