DansGuardian before 2.4.5-1 allows remote attackers to bypass content filtering rules via hex-encoded URLs.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| daniel_barron | dansguardian | 2_2.2.7 |
| daniel_barron | dansguardian | 2_2.2.10 |
| daniel_barron | dansguardian | 2.2.2.9.1 |
| daniel_barron | dansguardian | 2_2.2.9 |
| daniel_barron | dansguardian | 2_2.2.6 |
| daniel_barron | dansguardian | 2_2.2.5 |
| daniel_barron | dansguardian | 2_2.2.4 |
| daniel_barron | dansguardian | 2.2.2.7.1 |
| daniel_barron | dansguardian | 2_2.2.8 |
Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| daniel_barron | dansguardian | 3.1_r5 |
| daniel_barron | dansguardian | 3.0 |
| daniel_barron | dansguardian | 3.1_r6 |
| daniel_barron | dansguardian | 3.2 |
DansGuardian 2.8 and earlier allows remote attackers to bypass the extension filtering rule via a hex encoded extension or . in the filename.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| daniel_barron | dansguardian | 2.2.4 |
| daniel_barron | dansguardian | 2.2.8 |
| daniel_barron | dansguardian | 2.2.9.1 |
| daniel_barron | dansguardian | 2.7.3.1 |
| daniel_barron | dansguardian | 2.2.7.1 |
| daniel_barron | dansguardian | 2.2.10 |
| daniel_barron | dansguardian | 2.2.6 |
| daniel_barron | dansguardian | 2.2.9 |
| daniel_barron | dansguardian | 2.8 |
| daniel_barron | dansguardian | 2.2.7 |
| daniel_barron | dansguardian | 2.4.5.1 |
| daniel_barron | dansguardian | 2.6.1.5 |
| daniel_barron | dansguardian | 2.2.5 |
DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| daniel_barron | dansguardian | 2.7.6 |
| daniel_barron | dansguardian | 2.7.3 |
| daniel_barron | dansguardian | 2.7.5 |
| daniel_barron | dansguardian | 2.7.7 |
| daniel_barron | dansguardian | 2.7.7.1_beta |
Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| daniel_barron | dansguardian | 2.6.1.8 |
| daniel_barron | dansguardian | 2.6.1.11 |
| daniel_barron | dansguardian | 2.6.1.9 |
| daniel_barron | dansguardian | 2.6.1.10 |
| daniel_barron | dansguardian | 2.6.1.12 |