Lucene search
+L

62 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-29622

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.01082EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in markup-web-editor (npm)

The package markup-web-editor was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-25958 Malicious code in markup-web-editor (npm)

The package markup-web-editor was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/01/17 8:13 p.m.8 views

CVE-2025-23039 Cross Site Scripting on URL decode Tooltip in Caido

Caido is a web security auditing toolkit. A Cross-Site Scripting XSS vulnerability was identified in Caido v0.45.0 due to improper sanitization in the URL decoding tooltip of HTTP request and response editors. This issue could allow an attacker to execute arbitrary scripts, potentially leading to...

5.2CVSS6.2AI score0.00235EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/31 12:0 a.m.5 views

wangEditor Security Vulnerability

wangEditor is an open source Web rich text editor from wangEditor Inc. A security vulnerability exists in wangEditor version 4.7.11, which stems from vulnerability to cross-site scripting XSS attacks...

5.4CVSS5.9AI score0.00268EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.3 views

Slate 访问控制错误漏洞

slate is an extensible WYSIWYG web application from slate for quickly creating interactive, data-driven web pages. A security vulnerability exists in Slate versions prior to 6.207.0, which stems from a lack of source validation in the sandbox that could be exploited by a malicious user to modify...

5.3CVSS5.7AI score0.00176EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/22 12:0 a.m.5 views

ICEcoder 路径遍历漏洞

ICEcoder is a browser-based code editor that provides a modern approach to building websites. By allowing you to write code directly in your web browser. A security vulnerability exists in ICEcoder version v8.1 that stems from an attacker being able to perform directory traversal...

7.5CVSS7.4AI score0.01425EPSS
Exploits1References5
RubySec
RubySec
added 2022/05/24 12:0 a.m.7 views

Improper Neutralization of Input During Web Page Generation in CKEditor4

A cross-site scripting XSS vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs...

6.1CVSS6AI score0.02018EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/01/26 12:0 a.m.8 views

CKEditor Security Vulnerabilities

CKEditor is an open source, web-based text editor. A security vulnerability exists in CKEditor prior to CKEditor 4.16, which allows redos-type attacks to be executed in CKEditor 4 by inducing a victim to paste carefully crafted text into the styled input of a specific dialog box...

6.5CVSS6.9AI score0.01962EPSS
Exploits0References7
CNVD
CNVD
added 2020/06/08 12:0 a.m.5 views

Raonwiz DEXT5 Editor Arbitrary File Download Vulnerability

Raonwiz DEXT5 Editor is an HTML-based Web editor from the Korean company Raonwiz. A security vulnerability exists in the handler/uploadhandler.jsp file in Raonwiz DEXT5 Editor 3.5.1402961 and earlier versions. An attacker can exploit this vulnerability to download arbitrary files with the help of...

7.5CVSS6.9AI score0.01104EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/27 12:0 a.m.8 views

Progress Kendo UI Editor Cross-Site Scripting Vulnerability

Progress Kendo UI Editor is a complete UI toolkit for web development. A cross-site scripting vulnerability exists in Progress Kendo UI Editor that allows an attacker to execute JavaScript within the context of the editor itself...

6.1CVSS6AI score0.01174EPSS
Exploits2References1
CNVD
CNVD
added 2017/06/15 12:0 a.m.3 views

Stored XSS Vulnerability in Full Version of UEditor

UEditor is developed by Baidu web front-end R & D Department of WYSIWYG rich text web editor . A stored XSS vulnerability exists in all versions of UEditor. An attacker can exploit this vulnerability to execute javascript code in a file...

6.5AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Amaya Web Editor <= 11.0 - Remote Buffer Overflow PoC

No description provided by source. !/usr/bin/perl -w Amaya Web Editor = 11.0 Remote Buffer Overflow P0c By Mountassif Moad Stack Here D : http://www.w3.org/Amaya/Distribution/amaya-WinXP-11.0.exe EAX 00000001 ECX 0F866A64 EDX 0083AA64 amaya.0083AA64 EBX 00000000 ESP 0012D080 EBP 00000006 ESI...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/05/01 12:0 a.m.16 views

South Korea, a web editor 0day analysis-vulnerability warning-the black bar safety net

The editor in South Korea used more widely, www.hani.co.kr and www.kbs.co.kr and www.joinsmsn.com 中都 有 使用 the. Due to the greatly station, the specific program name is not easy to directly publish. Following only the problem code to do a brief analysis. The main problem is that the upload class i...

0.7AI score
Exploits0
myhack58
myhack58
added 2010/06/13 12:0 a.m.14 views

A system syWebEditor upload exploit-vulnerability warning-the black bar safety net

Keywords: inurl:syWebEditor EXP:/syWebEditor/SelUploadFile. asp? obj=ProPhoto&fileType=gif%7Cjpg%7Cpng% 7C&filePathType=1&filePath=/PhotoFile/ProFile/ poc:http://www. myhack58. com/syWebEditor/SelUploadFile. asp? obj=ProPhoto&fileType=gif%7Cjpg%7Cpng% 7C&filePathType=1&filePath=/PhotoFile/ProFile...

0.3AI score
Exploits0
myhack58
myhack58
added 2010/03/27 12:0 a.m.15 views

From learning webshell hide to Ferret out the simple analysis-vulnerability warning-the black bar safety net

webshell,do not say it!, The back door,ancient and modern breaking the network must home,great bite is stab,thousand station with the waste of the said,blowing a big,theme. First of all, we in the dark said,once into the site,it will leave the back door,but the current mainstream is asp,php free...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/09/02 12:0 a.m.19 views

Ve-EDIT 0.1.4 Local File Inclusion

------------------------------------------------------------------------------------- Ve-EDIT v 0.1.4 debugphp.php LFI Vulnerability ------------------------------------------------------------------------------------- Author: CoBRa21 Mail: uykucuatwindowslivedotcom Script Download:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/04/02 12:0 a.m.23 views

Amaya 11.1 XHTML Buffer Overflow

=cicatriz ==advisories= / / / / // / / // / o / / .-/ =Amaya 11.1 XHTML Parser Buffer Overflow==/= == =Advisory & Vulnerability Information=== Title: Amaya 11.1 XHTML Parser Buffer Overflow Advisory ID: VUDO-2009-0104 Advisory URL: http://research.voodoo-labs.org/advisories/2 Date founded:...

0.8AI score
Exploits0
NVD
NVD
added 2009/03/04 5:30 p.m.17 views

CVE-2009-0809

The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object in the document class via a link that is sent from the owner of the document object...

3.5CVSS6.2AI score0.00856EPSS
Exploits0References4
Prion
Prion
added 2009/03/04 5:30 p.m.25 views

Design/Logic Flaw

The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object in the document class via a link that is sent from the owner of the document object...

3.5CVSS6.7AI score0.00856EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder