CVE-2018-25165 Galaxy Forces MMORPG 0.5.8 SQL Injection via ads.php

Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...

CVE-2018-25165

Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...

CVE-2025-67366

@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains a critical path traversal vulnerability in its "readcontent" tool. This vulnerability arises from improper symlink handling in the path validation mechanism...

Filesystem MCP 安全漏洞

Filesystem MCP is a Sylphx open source MCP file system server. A security vulnerability exists in Filesystem MCP version 0.5.8, which stems from improper handling of symbolic links in the path validation mechanism, and could lead to bypassing directory restrictions and accessing unauthorized file...

PT-2026-1881

Name of the Vulnerable Software and Affected Versions @sylphxltd/filesystem-mcp version 0.5.8 Description @sylphxltd/filesystem-mcp version 0.5.8 contains a path traversal issue in the “read content” tool. The issue is due to improper symlink handling in the path validation mechanism. The...

Vite Plugin React 安全漏洞

Vite Plugin React is an open source plugin for Vite. A security vulnerability exists in Vite Plugin React versions prior to 0.5.8 that stems from an arbitrary file read vulnerability in the /viterscfindSourceMapURL endpoint...

EUVD-2007-2195

Malware in sbrugna...

CVE-2024-8865

A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2020-36661

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function isheader of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

Composio Path Traversal Vulnerability

Composio is a production-ready toolset for AI agents open-sourced by Composio. A path traversal vulnerability exists in Composio version 0.5.8 and prior versions, which stems from the fact that incorrect manipulation of the parameter file can lead to path traversal. No details of the vulnerabilit...

GHSA-66R2-XM28-74W9 Composio Path Traversal vulnerability

A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used...

CVE-2024-8865 composiohq composio api.py path path traversal

A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used...

Composio 路径遍历漏洞

Composio is a production-ready toolset for AI agents open-sourced by Composio. A path traversal vulnerability exists in Composio version 0.5.8 and prior versions, which stems from the fact that incorrect manipulation of the parameter file can lead to path traversal. No details of the vulnerabilit...

PT-2024-39283 · Composiohq · Composio

Name of the Vulnerable Software and Affected Versions: composiohq composio versions up to 0.5.8 Description: A vulnerability was found in composiohq composio, classified as problematic. The issue affects the function path of the file composioserverapi.py. The manipulation of the file argument lea...

Improper Output Neutralization for Logs

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the logging extension. An attacker can inject forged logs and executable...

Incorrect Initialization of Resource

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Incorrect Initialization of Resource via CUDA SHM region registration. An attacker can cause a network issue, leading t...

CVE-2024-25676

An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading...

SUSE CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

CVE-2023-28441

smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...

Design/Logic Flaw

smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...