Unsafe default file type filter policy in HCL
Leap allows execution of unsafe JavaScript in deployed applications.
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications.
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications
Insufficient sanitization policy in HCL Leap
allows client-side script injection in the deployed application through the
HTML widget.
Improper sanitization of SVG files in HCL Leap
allows client-side script injection in deployed applications.
Insufficient sanitization in HCL Leap allows
client-side script injection in the authoring environment.
Insufficient sanitization policy in HCL Leap
allows client-side script injection in the deployed application through the
HTML widget.
Insufficient URI protocol whitelist in HCL Leap
allows script injection through query parameters.
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Multiple vectors in HCL Leap allow client-side
script injection in the authoring environment and deployed applications.
LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application
Insufficient default configuration in HCL Leap
allows anonymous access to directory information.
Improper access control of endpoint in HCL Leap
allows certain admin users to import applications from the
server's filesystem.
Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection.This issue affects BerqWP: from n/a through 1.7.6.
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows Using Malicious Files. This issue affects FW Food Menu : from n/a through 6.0.0.
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium.This issue affects Pie Register Premium: from n/a before 3.8.3.3.
Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI collect-and-deliver-interface-for-woocommerce.This issue affects CDI: from n/a through <= 5.5.3.
CWE-434 Unrestricted Upload of File with Dangerous Type
CWE-434 Unrestricted Upload of File with Dangerous Type
Page 1+ Next →