This affects an unknown part of the file /admin/upload/img of the component Image Upload Handler. The associated identifier of this vulnerability is VDB-248255.Ī vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. The exploit has been disclosed to the public and may be used. The manipulation of the argument search with the input sy2ap%22%3e%3cscript%3ealert(1)%3c%2fscript%3etkxh1 leads to cross site scripting. This issue affects some unknown processing. VDB-249150 is the identifier assigned to this vulnerability.Ī vulnerability was found in SourceCodester Simple Image Stack Website 1.0. It is possible to launch the attack remotely. The manipulation of the argument image leads to unrestricted upload. Affected is the function base64ImageContent of the file app/ctrl/User.php. A remote and unauthenticated attacker could introduce crafted image or link URLs that would result in the execution of arbitrary JavaScript in an editing user's browser.Ī vulnerability, which was classified as critical, was found in gopeak MasterLab up to 3.3.10. TinyMCE versions before 5.10.0 are affected by a cross-site scripting vulnerability.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |