-
Steps to reproduce -
- Upload (http://localhost/GetSimpleCMS-master/admin/upload.php) the malicious svg file & browse through, **XSS** & **XML entity expansion attack** (leads to DoS) would be repro…
-
Once we go to beta, we will not be firewalling access to HTTP (we'll probably stop firewalling alpha as well at that time, to avoid discouraging alpha-testers and spending time maintaining the ACLs). …
-
```
What steps will reproduce the problem?
1. Downloaded default xml from
https://dev.itratos.de/projects/php-ids/repository/raw/trunk/lib/IDS/default_filter.xml
2.
./scalp.py -l /var/log/apache2/ac…
```
-
CSP violation reports sent when browser blocks `eval()` and inline script are identical in their contents, which makes it difficult to determine what really caused them.
In both cases the fields `vi…
-
Saw this when injecting buttons into DOM
![not-allowed](https://github.com/user-attachments/assets/39bf5663-80bd-4ff4-8daa-6e736b3b5d16)
-
Never wrote an extension for Firefox, so that will require some reading (started). This might take a while.
-
Under User data is:
`$userData = e107::user(); // Example - currently logged in user. `
this doesn't work. I had to use
`$userData = e107::user(USERID); // Example - currently logged in user. `
…
-
> I've worked on a few large-scale OSS projects, and I believe that people find it easier to just leave a comment and rely on a contributor to explain a problem rather than consulting the documentatio…