5 matches found
PT-2025-34723 · Mblog · Mblog
Name of the Vulnerable Software and Affected Versions: mtons mblog versions prior to 3.5.1 Description: A flaw has been found in mtons mblog up to version 3.5.0. The issue affects an unknown function within the /search file. Manipulation of the kw argument causes cross-site scripting. The attack...
PT-2022-27703 · Alist · Alist
Name of the Vulnerable Software and Affected Versions: Alist version 3.4.0 Description: The issue allows a user with only file upload permission to upload any file to any folder, including those that are password protected. Recommendations: For Alist version 3.4.0, update to version 3.5.1 to...
PT-2022-16009 · Openrazer +1 · Openrazer +1
Name of the Vulnerable Software and Affected Versions: OpenRazer versions prior to 3.5.1 Description: OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device, an attacker can leak stack addresses of the...
PT-2021-3541 · Redcarpet +1 · Redcarpet +1
Name of the Vulnerable Software and Affected Versions: Redcarpet versions prior to 3.5.1 Description: The issue is related to incorrect input sanitization in the Redcarpet library, which can enable a cross-site scripting attack. This is due to the lack of HTML escaping when processing quotes, eve...
PT-2014-2415 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.5.1 Description: The issue is related to the futex wait requeue pi function in the Linux kernel, which does not properly validate futex addresses. This can be exploited by local users to cause a denial of...