Feras Al-Kassar
Feras Al-Kassar
Hello, I would like to report for possible XSS vulnerability. In file https://github.com/xiebruce/PicUploader/blob/master/index.php ```php $data = [ 'code' => 'success', 'data' => [ 'filename' => $_FILES['file']['name'], 'url' => $isWeb ?...
Signed-off-by: Feras Al-Kassar The vulnerability explanation https://github.com/MiczFlor/RPi-Jukebox-RFID/issues/1859
Hello, I would like to report for possible vulnerability. In file https://github.com/MiczFlor/RPi-Jukebox-RFID/blob/develop/htdocs/trackEdit.php ```php //line 136 if(isset($_GET['folder']) && $_GET['folder'] != "") { $post['folder'] = $_GET['folder']; } else { if(isset($_POST['folder']) && $_POST['folder']...
Hello, I was trying to to use pre-trained model for the embedding but there are two bugs. The first one in the sample.py, with init the parameters. I think we...
Hello, I would like to report XSS vulnerability. In file AdminBaseController.class.php line 20 ```php redirect(U('Admin/Login/login')); ``` In file https://github.com/baijunyao/thinkphp-bjyblog/blob/master/ThinkPHP/Mode/Api/functions.php line 869 function U ```php $domain = $host.(strpos($host,'.')?'':strstr($_SERVER['HTTP_HOST'],'.')); ``` function U...
Hello, I would like to report to XSS vulnerability. The path of the vulnerability. In file Application/Home/Controller/GoodsController.class.php, line 21 ```php public function postGoods(){ $postData = $_POST; $add=true; $this->upload($postData,$add); } ```...
Hello, I would like to report for possible XSS vulnerability. The path of the vulnerability in files https://github.com/lincanbin/Carbon-Forum/blob/master/library/PHPAnalysis.demo.php ```php // line 27 // the source $str = (isset($_POST['source']) ? $_POST['source']...
Hello, I would like to report for a vulnerability. Can I report it here or you prefer if I send it by email ?
Hello, I would like to report for XSS vulnerability. In file https://github.com/ZeroDream-CN/SakuraPanel/blob/master/core/PostHandler.php line 87 ```php $result = $pm->checkRules($_POST); ``` In function checkRules ```php public function checkRules($data) { // .... if($this->isProxyNameExist($data['proxy_name']))...
Hello, I would like to report for some possible XSS vulnerabilities. For example, The injection through the news title. The source will be inserted in the DB, then it will...