|
223861
|
5.3 |
MEDIUM
Network
|
afkmods
|
qsf-portal
|
A vulnerability classified as critical was found in Arthmoor QSF-Portal. This vulnerability affects unknown code of the file index.php. The manipulation of the argument a leads to path traversal. The…
|
CWE-22
Path Traversal
|
CVE-2019-25099
|
2024-11-21 13:39 |
2023-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223862
|
7.5 |
HIGH
Network
|
goa.design
|
goa
|
Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory.
|
CWE-22
Path Traversal
|
CVE-2019-25073
|
2024-11-21 13:39 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223863
|
5.4 |
MEDIUM
Network
|
oxidized_web_project
|
oxidized_web
|
A vulnerability was found in ytti Oxidized Web. It has been classified as problematic. Affected is an unknown function of the file lib/oxidized/web/views/conf_search.haml. The manipulation of the arg…
|
-
|
CVE-2019-25088
|
2024-11-21 13:39 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223864
|
4.3 |
MEDIUM
Network
|
ethex
|
ethex_contracts
|
A vulnerability was found in Ethex Contracts. It has been classified as critical. This affects an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. The manipulation …
|
-
|
CVE-2019-25157
|
2024-11-21 13:39 |
2023-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223865
|
6.1 |
MEDIUM
Network
|
dstar2018
|
agency
|
A vulnerability classified as problematic was found in dstar2018 Agency up to 61. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument Q…
|
-
|
CVE-2019-25156
|
2024-11-21 13:39 |
2023-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223866
|
6.1 |
MEDIUM
Network
|
cure53
|
dompurify
|
DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute.
|
CWE-601
Open Redirect
|
CVE-2019-25155
|
2024-11-21 13:39 |
2023-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223867
|
10.0 |
CRITICAL
Network
|
mozilla
|
firefox
|
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.
|
NVD-CWE-noinfo
|
CVE-2019-25136
|
2024-11-21 13:39 |
2023-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223868
|
7.2 |
HIGH
Network
|
umbraco
|
umbraco_cms
|
Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx.
|
CWE-91
Blind XPath Injection
|
CVE-2019-25137
|
2024-11-21 13:39 |
2023-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223869
|
6.1 |
MEDIUM
Network
|
dro.pm_project
|
dro.pm
|
A vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross site sc…
|
CWE-79
Cross-site Scripting
|
CVE-2019-25105
|
2024-11-21 13:39 |
2023-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223870
|
7.5 |
HIGH
Network
|
rtcwcoop
|
rtcwcoop
|
A vulnerability has been found in rtcwcoop 1.0.2 and classified as problematic. Affected by this vulnerability is the function AICast_ScriptLoad of the file code/game/ai_cast_script.c of the componen…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2019-25104
|
2024-11-21 13:39 |
2023-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
