| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Mail-0's Zero is an open-source email solution. In version 0.8 it's possible for an attacker to craft an email that executes javascript leading to session hijacking due to improper sanitization. This issue has been patched in version 0.81. |
| A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
| Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C.
This issue affects NotepadNext: through v0.11. |
| In Innoshop through 0.4.1, an authenticated attacker could exploit the File Manager functions in the admin panel to achieve code execution on the server, by uploading a crafted file and then renaming it to have a .php extension by using the Rename Function. This bypasses the initial check that uploaded files are image files. The application relies on frontend checks to restrict the administrator from changing the extension of uploaded files to .php. This restriction is easily bypassed with any proxy tool (e.g., BurpSuite). Once the attacker renames the file, and gives it the .php extension, a GET request can be used to trigger the execution of code on the server. |
| Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their reviews of products on the website. To be specific, an attacker could view the order details of any order by browsing to /en/account/orders/_ORDER_ID_ or use the address and billing information of other customers by manipulating the shipping_address_id and billing_address_id parameters when making an order (this information is then reflected in the receipt). Additionally, an attacker could delete the reviews of other users by sending a DELETE request to /en/account/reviews/_REVIEW_ID. |
| In scan.rs in spytrap-adb before 0.3.5, matches for known stalkerware are not rendered in the interactive user interface. |
| A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the coverImageURL parameter at /article/ajax/save. |
| A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to store JavaScript code inside a PDF file through the file upload feature. When the file is rendered, the injected code is executed on the user's browser. |
| A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. |
| VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java. |
| Crawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py. |
| A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SEO Optimization Settings Section. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
| An issue in the Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4 allows attackers to arbitrarily modify payment amounts via a crafted request. |
| Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function. |
| An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a brute force attack. |
| An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input |
| When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service.
The remedy is: upgrade to the patched 1.9.9 version.
A workaround is to temporarily switch to the h2o provider until DNSdist has been upgraded to a fixed version.
We would like to thank Charles Howes for bringing this issue to our attention. |
| The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘successredirect’ parameter in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
| While editing pages managed by MegaBIP a user with high privileges is prompted to give a reasoning for performing this action. Input provided by the the user is not sanitized, leading to SQL Injection vulnerability.
Version 5.20 of MegaBIP fixes this issue. |
| Text editor embedded into MegaBIP software does not neutralize user input allowing Stored XSS attacks on other users. In order to use the editor high privileges are required.
Version 5.20 of MegaBIP fixes this issue. |
