PT-2026-4377

Name of the Vulnerable Software and Affected Versions pixelgrade Nova Blocks versions through 2.1.9 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting XSS condition. This allows for potential maliciou...

CVE-2024-41131

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9...

CVE-2024-41131

CVE-2024-41131 describes an Out-of-bounds Write vulnerability in the ImageSharp gif decoder of SixLabors.ImageSharp, allowing an attacker to crash the application via a specially crafted GIF file, with potential denial of service. Affected component: ImageSharp GIF decoding path within the 2D gra...

CVE-2023-39121

emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin/user.php...

Sql injection

emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin/user.php...

CVE-2023-39121

emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin/user.php...

CVE-2023-39121

CVE-2023-39121 affects emlog version 2.1.9. A SQL injection vulnerability exists in emlog’s admin/user.php handling and also, per the Nuclei template, in the data backup/restore functionality due to unsanitized input. Impact: attackers with admin credentials could potentially execute arbitrary SQ...

Tautulli v2.1.9 - Shutdown Denial of Service

Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service',...

CVE-2018-17423

An issue was discovered in e107 v2.1.9. There is a XSS attack on e107admin/comment.php...

Design/Logic Flaw

An issue was discovered in e107 v2.1.9. There is a XSS attack on e107admin/comment.php...

CVE-2018-17423

An issue was discovered in e107 v2.1.9. There is a XSS attack on e107admin/comment.php...

Anker Nebula Capsule Pro Denial of Service Vulnerability

The Anker Nebula Capsule Pro is a projector device from Anker Innovations, USA. A security vulnerability exists in the Anker Nebula Capsule Pro NBUIM1V2.1.9 version. An attacker can exploit the vulnerability by sending data to the WifiService with the help of a specially crafted application to...

eXtplorer 2.1.9 - '.ZIP' Directory Traversal

/ + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EXTPLORER-ARCHIVE-PATH-TRAVERSAL.txt + ISR: apparitionsec Vendor: ============== extplorer.net Product: ================== eXtplorer v2.1.9 eXtplorer is a PHP and...