13 matches found
EUVD-2018-18136
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-40662
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privileg...
CVE-2022-3095
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...
CVE-2022-3095
CVE-2022-3095 affects Dart/Flutter: the Dart URI class uses RFC 3986 syntax for backslash parsing, diverging from WhatWG URL standards and causing incompatibilities with \ in URIs. This can enable authentication bypass in web apps that parse URIs. Affected: Dart versions prior to 2.18 and Flutter...
Joomla! 3.3.x < 3.8.4 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. CVE-2018-6380 - The XSS vulnerability in comfields as noted in the...
Joomla! 3.6.x < 3.8.4 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. CVE-2018-6380 - The XSS vulnerability in comfields as noted in the...
Joomla! 3.4.x < 3.8.4 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. CVE-2018-6380 - The XSS vulnerability in comfields as noted in the...
Joomla! 1.6.x < 3.8.4 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. CVE-2018-6380 - The XSS vulnerability in comfields as noted in the...
Joomla! 3.2.x < 3.8.4 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. CVE-2018-6380 - The XSS vulnerability in comfields as noted in the...
Joomla! 1.5.0 < 3.8.4 Multiple Vulnerabilities
According to its self-reported version number, the Joomla! installation running on the remote web server is 1.5.0 or later but prior to 3.8.4. It is, therefore, affected by multiple XSS and SQLi vulnerabilities : - The XSS vulnerability in module chromes as noted in the 20180101 announcement...
Joomla! cross-site scripting vulnerability (CNVD-2018-04201)
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds , site search and other features . Uri class is one of the analytics resources unified identifier component . A cross-site scripting vulnerability exists in Uri...
CVE-2018-6379
CVE-2018-6379 affects Joomla! up to version 3.8.3, due to inadequate input filtering in the Uri (JUri) class, enabling XSS. Affected range: 1.5.0–3.8.3; fixed in 3.8.4. Connected scans confirm the Uri class XSS (CVE-2018-6379) among Joomla! vulnerabilities; no exploitation details provided in the...
[20180103] - Core - XSS vulnerability in Uri class
Inadequate input filtering in the Uri class formerly JUri leads to a XSS vulnerability...