|
212491
|
6.1 |
MEDIUM
Network
|
python
|
python
|
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the fir…
|
CWE-93
CRLF Injection
|
CVE-2019-9740
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212492
|
6.1 |
MEDIUM
Network
|
golangtc
|
gopher
|
jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9738
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212493
|
6.1 |
MEDIUM
Network
|
ipandao
|
editor.md
|
Editor.md 1.5.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9737
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212494
|
6.1 |
MEDIUM
Network
|
1024tools
|
1024tools
|
DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors involving the '<EMBED SRC="data:image/svg+xml' substring.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9736
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212495
|
6.5 |
MEDIUM
Network
|
openstack
redhat
debian
|
neutron
openstack
debian_linux
|
An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-9735
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212496
|
7.8 |
HIGH
Local
|
shanda
|
maplestory_online
|
In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signe…
|
CWE-787
CWE-129
Out-of-bounds Write
Improper Validation of Array Index
|
CVE-2019-9729
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212497
|
6.1 |
MEDIUM
Network
|
korenix
|
jetport_web_manager
jetport_5601_firmware
jetport_5601f_firmware
|
The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9725
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212498
|
6.1 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9714
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212499
|
7.5 |
HIGH
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access.
|
CWE-862
Missing Authorization
|
CVE-2019-9713
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212500
|
6.1 |
MEDIUM
Network
|
joomla
|
joomla\!
|
An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-9712
|
2024-11-21 13:52 |
2019-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
