• Stars
    star
    1
  • Language
  • Created about 3 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

The plugin does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly

More Repositories

1

Automate-Telegram

Simple python program to execute terminal commands on telegram chats directly.
Python
40
star
2

Your-First-Contribution

You may learn how to make successful pull requests and get your first valid open source contribution by using this repository.
C++
26
star
3

Dutch-Government-Scopes

https://english.ncsc.nl/contact/reporting-a-vulnerability-cvd
20
star
4

30-Days-of-PHP-source-code-analysis

30 Days of PHP source code analysis
14
star
5

PassEnum

Enumerate most common password patterns with custom keyword.
CSS
10
star
6

Udemy-Auto-Enroller

Input list of udemy free courses and let python enroll it for you.
Python
7
star
7

OSCP-Like-Machines

https://blog.veshraj.info.np/
5
star
8

CVE-2022-1597

The plugin, used as a companion for the Discy and Himer themes, does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks
4
star
9

Port-Scanner

Simple Port Scanner By newbie :)
Python
4
star
10

SocialTimeOut

Have a break from social life
Shell
3
star
11

veshraj.github.io

Assignments
CSS
3
star
12

PhpLearning

PHP
2
star
13

VeshSite

SCSS
2
star
14

CVE-2022-1051

WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields
2
star
15

CVE-2021-24545

The plugin does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit a post in the frontend made by such user. As a result, user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin view the related post/s.
2
star
16

C-Programming-Tutorials

1
star
17

CVE-2022-1598

WPQA < 5.5 - Unauthenticated Private Message Disclosure
1
star
18

SATechnicalOnboarding

HTML
1
star
19

V35HR4J

Hi, nice to see you here!
1
star
20

RandomAPIs

Python
1
star
21

reviewing-a-pull-request

HTML
1
star
22

Searchor-2.4.1-RCE

searchor is a ⚑️ Quick and easy search engine queries. Affected versions of this package are vulnerable to Arbitrary Code Execution due to unsafe implementation of eval method.
Python
1
star