8 matches found
GI-DocGen Cross-Site Scripting Vulnerability
GI-DocGen is an open source document generation library for GNOME. GI-DocGen has a cross-site scripting vulnerability that could lead to the execution of JavaScript code in a web environment...
CVE-2024-32965 SSRF vulnerability in lobe-chat
Lobe Chat is an open-source AI chat framework. Versions of lobe-chat prior to 1.19.13 have an unauthorized SSRF vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information. The JWT token header...
Apache ActiveMQ Authentication Bypass Vulnerability
Apache ActiveMQ is a set of open source messaging middleware from the Apache Software Foundation of the United States, which supports Java messaging services, clustering, Spring Framework and so on. A security vulnerability exists in Apache ActiveMQ that stems from the inability of the default...
BIT-JUPYTER-BASE-NOTEBOOK-2022-24758 Insertion of Sensitive Information into Log File affects Jupyter Notebook
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by...
Apple Quicktime /w IE .qtl Version XAS - Remote Exploit PoC
No description provided by source. Performing XAS Cross Application Scripting attacks automatically read no user interaction is very easy, as I showed before in my shutting down Skype proof-of-concept. But, what if you are using a limited web environment, where you can't use iframes or script...
The use of the picture behind a link hidden hung it.-vulnerability warning-the black bar safety net
I also don't know dove gray is what the time, the mesh horse is very popular, and when I finally know the Dove gray is what time, Pirates of the QQ software in the use of the mailbox the received the letter, and when I use dove gray successful on-line and caught the first broilers of the time, th...
Moodle < 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability
Exploit for unknown platform in category web applications. Moodle 1.6.9/1.7.7/1.8.9/1.9.5 File Disclosure Vulnerability. Moodle File Disclosure Vulnerability Systems Affecte...
Apple QuickTime w IE .qtl Version XAS - Remote
Apple QuickTime w IE .qtl Version XAS - Remote milw0rm.com 2007-09-18...