[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255861

 
 

909

 
 

199025

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 254096 Download | Alert*

A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found.

A stored cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php.

ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and First Name input fields when creating a new person. These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file.

OS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the video link field to the Embed a video link feature.

Cross Site Scripting (XSS) vulnerability in World Wide Broadcast Network AVideo before 12.4, allows attackers to gain sensitive information via the success parameter to /user.

Improper Authorization vulnerability in OTRS AG OTRS 8 (Websocket API backend) allows any as Agent authenticated attacker to track user behaviour and to gain live insight into overall system usage. User IDs can easily be correlated with real names e. g. via ticket histories by any user. (Fuzzing for garnering other adjacent user/sensitive data).��Subscribing to all possible push events could also ...

PolyMC Launcher <= 1.4.3 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of the installation directory.

MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal.

nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal.

Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui version 0.5, allows attackers to execute arbitrary code via a crafted url to the delete a feature functionality.


Pages:      Start    25048    25049    25050    25051    25052    25053    25054    25055    25056    25057    25058    25059    25060    25061    ..   25409

© SecPod Technologies