[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 248846 Download | Alert*

LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI.

The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.

Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. The injection point of the issue is the Add_Update module.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none

SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend.

PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it easier for remote attackers to bypass intended GET restrictions via a brute-force approach, as demonstrated by "GET /login.html__passwd1" and "GET /login.html__passwd2" and so on.

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client.

Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the use_section1 function in tccasm.c.


Pages:      Start    10167    10168    10169    10170    10171    10172    10173    10174    10175    10176    10177    10178    10179    10180    ..   24884

© SecPod Technologies