38184 matches found
Cross Site Scripting(XSS)
vxe-table is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate sanitization of user-supplied input within the inputValue argument of the export function in the vxe-textarea component. It allows malicious actors to execute arbitrary JavaScript code within the context o...
Remote Code Execution (RCE)
mocodo is vulnerable to Remote Code Execution. The vulnerability is due to improper input validation at /web/rewrite.php, which allows an attacker to inject and execute arbitrary code...
SQL Injection
dolibarr/dolibarr is vulnerable to SQL Injection. The vulnerability is due to improper handling of parameters 'sortorder' and 'sortfield' in '/dolibarr/admin/dict.php', allowing remote attackers to retrieve database information by sending specially crafted SQL queries...
Information Disclosure
github.com/huandu/facebook is vulnerable to an Information Disclosure vulnerability. The vulnerability is due to the accesstoken being exposed in error messages upon failing HTTP requests, which could allow an attacker with log access to obtain sensitive access tokens by exploiting error messages...
SQL Injection
dolibarr/dolibarr is vulnerable to SQL Injection. The vulnerability is caused by improper parameter sanitization within /dolibarr/commande/list.php, which enables a remote attacker to send a specially crafted SQL query resulting in database exfiltration...
URL Injection
silverstripe/framework is vulnerable to a URL Injection vulnerability. The vulnerability is due to improper encoding of entities in the URL string, specifically in requests coming from Internet Explorer, which allows malicious JavaScript code to be directly inserted into the output content by...
Missing Authentication
jupyter-scheduler is vulnerable to Missing Authentication. The vulnerability is due to a missing authentication check on the /scheduler/runtimeenvironments API endpoint, allowing unauthenticated users to obtain the list of Conda environment names on the server...
Denial Of Service (DoS)
silverstripe/framework is vulnerable to Denial Of Service DoS. The vulnerability is due to missing XML size checks, which allows an attacker to significantly degrade the performance of the site through a Quadratic Blowup Attack...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate sanitisation of the rewriteHashlinks option in SSViewer, allowing an attacker to inject HTML through the querystring...
Cross-Site Request Forgery (CSRF)
Silverstripe/forum is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to form actions being directly accessible, allowing an attacker to use GET requests to create members and post to forums, and tricking moderators into clicking crafted URLs to move topics...
Code Injection
pug is vulnerable to Code execution. The vulnerability is due to the lack of proper input validation for the name option in the compileClient, compileFileClient, or compileClientWithDependenciesTracked functions, which allows attackers to execute arbitrary JavaScript code in the context of the...
Cross-Site Scripting
phpservermon/phpservermon is vulnerable to Cross-Site Scripting. The vulnerability is due to the lack of proper validation of input parameters in index.php, which allows an attacker to create a specially crafted URL and send it to a victim, to retrieve their session details...
Infinite Loop
org.soot-oss: soot is vulnerable to Infinite Loop. The vulnerability is due to the retrieveActiveBody function, which allows an attacker to maliciously craft a method to cause excessive resource consumption that can leads to Denial of Service...
Cross-site Scripting (XSS)
silverstripe/framework is vulnerable to Cross-site Scripting XSS. The vulnerability is due to an unvalidated returnURL parameter in the dev/build endpoint, which can cause users to be redirected to unverified third-party URLs...
Authentication Bypass
SilverStripe is vulnerable to Authentication Bypass. The vulnerability is caused by providing an empty token parameter with secure token parameters like isDev or flush, allowing bypass of normal authentication mechanisms...
Improper URL Sanitization
silverstripe/framework is vulnerable to Improper URL Sanitization. The vulnerability is due to a lack of server-side URL sanitization in the "Add from URL" function, allowing potentially dangerous URLs to be processed...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting XSS. The vulnerability is due to unescaped HTML posted by a CMS user into any GridField object field, which results in XSS when a user utilizes the print feature...
Open Redirect
silverstripe/framework is vulnerable to Open Redirect. The vulnerability is due to using the X-Forwarded-Host HTTP header in place of the actual HTTP hostname, potentially allowing attackers to alter URL resolution resulting in arbitrary redirections...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting. The vulnerability is due to improper HTML sanitisation in the Director::forceredirect method, leading to potential XSS risks during HTTP redirection...
Open Redirect
silverstripe/framework is vulnerable to Open Redirect. The vulnerability is due to improper handling of login URLs, allowing attackers to redirect successful logins to external sites...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting. The vulnerability is due to a lack of adminusername and adminpassword sanitation within the setup form...
Cross-site Scripting(XSS)
silverstripe/framework is vulnerable to Cross-site Scripting XSS. The vulnerability is caused due to the lack of proper sanitization or encoding of user-input data when it is displayed in TreeDropdownField and TreeMultiSelectField, which allows an attacker to execute malicious JavaScript code...
Cross-site Scripting (XSS)
silverstripe/framework is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper encoding of validation messages in certain FormField classes, which can present invalid content as part of the validation response resulting in XSS...
Server-Side Request Forgery (SSRF)
vufind/vufind is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper input validation in the /Cover/Show route, allowing remote attackers to access internal HTTP servers and execute Cross-Site Scripting XSS attacks by proxying arbitrary URLs via the proxy GET...
Brute Force Attack
silverstripe/framework is vulnerable to Brute Force attacks. The vulnerability is due to the default Administrator accounts not being subject to the same brute force protection as other Member accounts, allowing unlimited login attempts...
Remote Code Execution (RCE)
ait-core is vulnerable to Remote Code Execution RCE. The vulnerability is caused due to loading untrusted pickle files, allowing attackers to execute arbitrary code...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper handling of error messages generated for the CMS login page, where the URL of the requested page is interpolated without proper escaping, allowing for arbitrary HTML injection...
Improper Access Control
Vantage6 is vulnerable to Improper Access Control. The vulnerability is caused by a lack of proper permission checks for adding extra organizations to a collaboration, which could result in unauthorized actions for the newly added organizations...
Cross-site Request Forgery (CSRF)
silverstripe/framework is vulnerable to Cross-site Request Forgery CSRF. The vulnerability is due to the improper handling of session tokens by the disableSecurityToken function within the LoginForm, which allows attackers to potentially fixate session tokens...
Cross-Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross-site Scripting XSS. The vulnerability is due to insufficient filtering of submitted values in readonly form fields, including ReadonlyField, LookupField, HTMLReadonlyField, and TimeFieldReadonly. These fields can retain unfiltered data from form...
Cross-Site Scripting (XSS)
silverstripe/cms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of proper validation of user-submitted HTML in the “compare mode” of the CMS page history tab, which allows attackers to embed malicious scripts that results in Cross-Site Scripting XSS...
Cross-Site Scripting (XSS)
silverstripe/admin is vulnerable to Cross-Site Scripting XSS . The vulnerability is due to inadequate input validation, allowing an attacker to embed malicious JavaScript through onmouseover or onmouseout attributes in the WYSIWYG editor...
Cross-Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of parameter sanitization, allowing the injection of arbitrary HTML through crafted URLs...
HTTP Header Spoofing
silverstripe/framework is vulnerable to HTTP header spoofing. The vulnerability is due to trusting all originating IPs to include HTTP headers for Hostname, IP, and Protocol, which results in reverse proxies forwarding requests while retaining the original request information...
Information Disclosure
github.com/dapr/dapr is vulnerable to Information Disclosure. The vulnerability is caused due to the gRPC proxy sending the invoker app's token instead of the invoked app's token. This allows an attacker to gain access to the invoker app's token, compromising security and authentication mechanism...
Authentication Bypass
silverstripe/framework is vulnerable Authentication Bypass. This vulnerability is due to a lack of permission check to the DatabaseAdmin of function init on the buildDefaults method of the DevelopmentAdmin class, allows unauthorized users to access sensitive functionality...
Cross-Site Request Forgery (CSRF)
silverstripe/framework is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to a lack of proper CSRF token verification in gridFieldAlterAction submissions, which allows attackers to trick users with CMS access into posting unspecified data from external websites...
Server-Side Request Forgery (SSRF)
vufind/vufind is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the /Upgrade/FixConfig route, which allows remote attackers to overwrite local configuration files...
Cross-site Scripting (XSS)
ezsystems/ezfind-ls is vulnerable to Cross-site Scripting XSS. The vulnerability is caused due to the lack of proper sanitization of the $searchextras.spellcheckcollation variable in the "Did you mean...?" spell check/search suggestion feature. This may lead to unauthorized code execution,...
Directory Traversal
github.com/stakater/forecastle is vulnerable to Directory Traversal. The vulnerability is due to insufficient input validation, allowing attackers to traverse directories by including "../" sequences in requests...
Remote Code Execution (RCE)
shopware/shopware is vulnerable to Remote Code Execution RCE. The vulnerability is due to certain circumstances which allow the execution of authorized foreign code...
Brute Force Attack
ezsystems/ezplatform-admin-ui is vulnerable to a Brute Force Attack. The vulnerability is due to a weakness in the forgotten password reset functionality, which allows excessive attempts without sufficient lockout measures...
Cleartext Transmission Of Sensitive Information
NASA AIT-Core is vulnerable to Cleartext Transmission of Sensitive Information. The vulnerability is due to using unencrypted channels to exchange data over the network, which allows an attacker to conduct a Man-in-the-Middle attack...
Remote Code Execution
shopware/shopware vulnerable to Remote Code Execution. The vulnerability is due to improper handling of templates that do not derive from the Shopware standard, allowing execution of unauthorized foreign code...
SQL Injection
PyMySQL is vulnerable to SQL Injection. The vulnerability is due to improper JSON sanitization within the escapedict function, which allows an attacker execute arbitrary SQL if an application handles untrusted JSON user input...
CSV Injection
Ghost is vulnerable to CSV Injection. The vulnerability is due to inadequate input sanitization during member CSV export, allowing malicious content to be injected into CSV files, and executed when opened by a spreadsheet application...
Cross-site Request Forgery (CSRF)
Sensiolabs/connect is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to the absence of a state parameter in OAuth requests, which exposes applications to CSRF attacks during the OAuth authentication flow...
Cross Site Scripting (XSS)
silverstripe/cms is vulnerable to Cross Site Scripting XSS. The vulnerability is due to improper escaping of HTML input in the textfields of pages referred to by VirtualPage, which allows an attacker inject and execute arbitrary JavaScript in the browser...
Improper Authorization
silverstripe/cms is vulnerable to Improper Authorization. The vulnerability is due to insufficient permission checks during SiteTree object creation, allowing unauthorized users to create new SiteTree objects...
Missing Default Authentication
Argo CD is vulnerable to Missing Default Authentication. The vulnerability is due to the default lack of password protection in redis, allowing attackers with access to an unprivileged pod to connect to the Redis server to gain read/write access, modify the "mfst" manifest key to execute...