CVE-2023-24531

Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...

CVE-2024-32464

Action Text brings rich text content and editing to Rails. Instances of ActionText::Attachable::ContentAttachment included within a richtextarea tag could potentially contain unsanitized HTML. This vulnerability is fixed in 7.1.3.4 and 7.2.0.beta2...

Daily Habit Tracker 1.0 Cross Site Scripting

Exploit Title: Daily Habit Tracker 1.0 - Stored Cross-Site Scripting XSS Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0...

CVE-2024-27287

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation and Home Assistant add-on serves unsanitized...

SQL Injection

intelliants/subrion is vulnerable to SQL Injection. The vulnerability is due to unsanitized user-controlled data used while constructing a query. This allows attackers to manipulate sql queries and execute arbitrary sql commands...

SQL Injection

org.apache.streampark, streampark is vulnerable to SQL Injection. The vulnerability is due to not sanitizing user input used inside a name-based fuzzy search e.g: job names, role names in some of the pages of the application. An attacker can use illegal parameters for the search leading to SQL...

Cross site scripting

The User Registration WordPress plugin before 3.0.4.2 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-43797 BigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby

BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby...

CVE-2023-40311 Stored XSS in multiple JSP files in opennms/opennms

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

Hardcoded credentials

An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this...

CVE-2022-48599

A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

Command injection

A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

Command injection

A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

GHSA-X49M-3CW7-GQ5Q jcvi vulnerable to Configuration Injection due to unsanitized user input

Summary A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lead to a command injection. PoC The vulnerable code snippet is...

CVE-2023-30547

A flaw was found in the vm2 sandbox. When exception handling is triggered, an unsanitized host is not managed properly. This issue may allow an attacker to bypass the sandbox protections, which can lead to remote code execution on the hypervisor host or the host that is running the sandbox...

Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: Shoplazza 1.1 - Stored Cross-Site Scripting XSS Exploit Author: Andrey Stoykov Software Link: https://github.com/Shoplazza/LifeStyle Version: 1.1 Tested on: Ubuntu 20.04 Stored XSS 1: To reproduce do the following: 1. Login as normal user account 2. Browse "Blog Posts" - "Manage...

Cross-site Scripting (XSS)

github.com/grafana/grafana is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to React's render cycle in the "Text" plugin which passes through the unsanitized HTML code, allowing an attacker with an editor role to inject and execute malicious JavaScript, and take over the...

CVE-2023-23925 Switcher Client contains Regular Expression Denial of Service (ReDoS)

Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation EXIST, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack reDOS. This issue has been...

SQL Injection

CakePHP is vulnerable to SQL Injection attacks. The vulnerability exists in limit and offset functions of Query.php due to unsantized user input which allows an attacker to inject and execute arbitrary SQL queries...

CVE-2023-0448

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability...