[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 253351 Download | Alert*

URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards.

Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts.

Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.

Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.

Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field ���Attribution text��� when selected ���Other��� Tile provider.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <=��2.2.35 versions.

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.

Zoho ManageEngine Applications Manager before 16400 allows proxy.html DOM XSS.

Zoho ManageEngine ServiceDesk Plus before 14105, ServiceDesk Plus MSP before 14200, SupportCenter Plus before 14200, and AssetExplorer before 6989 allow SDAdmin attackers to conduct XXE attacks via a crafted server that sends malformed XML from a Reports integration API endpoint.


Pages:      Start    24815    24816    24817    24818    24819    24820    24821    24822    24823    24824    24825    24826    24827    24828    ..   25335

© SecPod Technologies