135 matches found
CVE-2023-53887
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...
CVE-2023-53887
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser...
CVE-2023-53888 Zomplog 3.9 Remote Code Execution via Authenticated File Manipulation
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...
CVE-2023-53887 Zomplog 3.9 Cross-Site Scripting Vulnerability via Page Creation
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser...
CVE-2023-53887 Zomplog 3.9 Cross-Site Scripting Vulnerability via Page Creation
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser...
CVE-2023-53888 Zomplog 3.9 Remote Code Execution via Authenticated File Manipulation
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...
CVE-2023-53888
CVE-2023-53888 affects Zomplog 3.9. An authenticated attacker can upload JavaScript files, rename them to PHP, and trigger arbitrary PHP code execution via the app’s file-manipulation endpoints (saveE and rename actions). The vulnerability originates from the authenticated file manipulation workf...
CVE-2023-53887
Zomplog 3.9 is affected by a cross-site scripting vulnerability that can be triggered during page creation by authenticated users. The issue arises from allowing crafted image src and onerror attributes to inject and execute arbitrary JavaScript in the victim’s browser. The impact is client-side ...
Zomplog 安全漏洞
Zomplog is a web logging system from Zomplog Open Source. A security vulnerability exists in Zomplog version 3.9 that originates from allowing an authenticated user to inject malicious script when creating a new page, which could lead to a cross-site scripting attack...
Zomplog 安全漏洞
Zomplog is a Web logging system from Zomplog Open Source. A security vulnerability exists in Zomplog version 3.9 that originates from allowing an authenticated attacker to inject and execute arbitrary PHP code via a file manipulation endpoint, potentially leading to remote code execution...
EUVD-2007-5211
Malware in sbrugna...
EUVD-2007-2152
Malware in sbrugna...
EUVD-2007-2765
Malware in sbrugna...
EUVD-2007-5210
Malware in sbrugna...
EUVD-2005-3308
Malware in sbrugna...
EUVD-2007-5258
Malware in sbrugna...