48 matches found

Circl
added 2026/01/27 9:21 a.m., 1 view

CVE-2026-24801

creationtimestamp | type | source
---|---|---
2026-01-27 09:21:55+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdfgnsrnwf26...

CVSS 6.9, AI score 5.8, EPSS 0.00049
Exploits 0, References 1
Tenable Nessus
added 2026/01/20 12:0 a.m., 4 views

MiracleLinux 7 : python-twisted-web-12.1.0-8.el7 (AXSA:2022-3204:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3204:01 advisory. python-twisted: possible http request smuggling CVE-2022-24801 Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVSS 8.1, AI score 8.4, EPSS 0.01107
Exploits 0, References 2
GithubExploit
added 2025/05/05 11:22 p.m., 476 views

Exploit for Unrestricted Upload of File with Dangerous Type in Glpi-Project Glpi

CVE-2025-24801 PoC for GLPI RCE This repository contains a pr...

CVSS 8.8, AI score 4.7, EPSS 0.02983
Exploits 2
GithubExploit
added 2025/04/19 1:59 a.m., 568 views

Exploit for Unrestricted Upload of File with Dangerous Type in Glpi-Project Glpi

CVE-2025-24801 This exploit uses CVE-2025-24801 to get Remote...

CVSS 8.8, AI score 5.2, EPSS 0.02983
Exploits 2
UbuntuCve
added 2025/03/18 7:15 p.m., 7 views

CVE-2025-24801

GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of .php files located on the GLPI server. This vulnerability is fixed in 10.0.18...

CVSS 8.8, AI score 6.1, EPSS 0.02983
Exploits 2, References 1
Vulnrichment
added 2025/03/18 6:32 p.m., 15 views

CVE-2025-24801 GLPI allows authenticated remote code execution

GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of .php files located on the GLPI server. This vulnerability is fixed in 10.0.18...

CVSS 8.5, AI score 8.6, EPSS 0.02983
Exploits 2, References 1
CVE
added 2025/03/18 6:32 p.m., 99 views

CVE-2025-24801

GLPI (asset/IT management software) has CVE-2025-24801 where an authenticated user can upload and force execution of PHP files on the GLPI server. Root cause described in the Nessus/NASL entry aligns with improper handling of uploaded files. Fixed in GLPI version 10.0.18. Remediation is to upgrad...

CVSS 8.8, AI score 8.4, EPSS 0.02983
Exploits 2, References 1, Affected Software 1
Circl
added 2025/03/12 10:58 a.m., 10 views

CVE-2025-24801

creationtimestamp | type | source
---|---|---
2025-03-12 10:58:14+00:00 | seen | https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lk6geieskt2j
2025-03-12 11:30:36+00:00 | seen | https://bsky.app/profile/buherator.bsky.social/post/3lk6i6evc3a2c
2025-03-12 12:09:32+00:00 | seen | ...

CVSS 8.8, AI score 5.7, EPSS 0.02983
Exploits 2, References 19
NVD
added 2024/02/10 8:15 a.m., 10 views

CVE-2024-24801

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt OWL Carousel – WordPress Owl Carousel Slider allows Stored XSS. This issue affects OWL Carousel – WordPress Owl Carousel Slider: from n/a through 1.4.0...

CVSS 6.5, AI score 6.4, EPSS 0.00077
Exploits 0, References 1
CVE
added 2024/02/10 7:53 a.m., 92 views

CVE-2024-24801

CVE-2024-24801 is a Cross-Site Scripting (Stored XSS) vulnerability in the WordPress Owl Carousel Slider (OWL Carousel) plugin by LogicHunt, affecting version ranges up to 1.4.0. The root cause involves improper neutralization of user input during web page generation. Impact is stored XSS within ...

CVSS 6.5, AI score 6.7, EPSS 0.00077
Exploits 0, References 1, Affected Software 1
OSV
added 2023/08/31 12:13 p.m., 0 views

BELL-CVE-2022-24801 CVE-2022-24801 does not affect BellSoft software

Bulletin has no description...

CVSS 8.1, AI score 5.8, EPSS 0.01107
Exploits 0, References 1
Tenable Nessus
added 2023/04/06 12:0 a.m., 36 views

Amazon Linux AMI : python-twisted-web (ALAS-2023-1717)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1717 advisory. A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length...

CVSS 8.1, AI score 6.6, EPSS 0.01199
Exploits 1, References 6
Amazon
added 2023/04/05 12:0 a.m., 70 views

Important: python-twisted-web

Issue Overview: A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass...

CVSS 8.1, AI score 7, EPSS 0.01199
Exploits 1
Tenable Nessus
added 2023/03/20 12:0 a.m., 31 views

CBL Mariner 2.0 Security Update: python-twisted (CVE-2022-24801)

The version of python-twisted installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24801 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to...

CVSS 8.1, AI score 7.6, EPSS 0.01107
Exploits 0, References 2
IBM Security Bulletins
added 2023/01/12 9:59 p.m., 33 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an HTTP request smuggling issue in Twisted (CVE-2022-24801).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Twisted CVE-2022-24801. By using header manipulation, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack. Twisted is used as part of our speech...

CVSS 8.1, AI score 7.4, EPSS 0.01107
Exploits 0, Affected Software 1
CBLMariner
added 2022/11/16 2:26 a.m., 21 views

CVE-2022-24801 affecting package python-twisted for versions less than 22.10.0-1

CVE-2022-24801 affecting package python-twisted for versions less than 22.10.0-1. This CVE either no longer is or was never applicable...

CVSS 8.1, AI score 8.1, EPSS 0.01107
Exploits 0
Tenable Nessus
added 2022/10/03 12:0 a.m., 73 views

Ubuntu 22.04 LTS : Twisted vulnerability (USN-5576-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5576-1 advisory. It was discovered that Twisted incorrectly parsed some types of HTTP requests in its web server implementation. In certain proxy or multi-server configurations, a...

CVSS 8.1, AI score 7.7, EPSS 0.01107
Exploits 0, References 2
Tenable Nessus
added 2022/07/21 12:0 a.m., 51 views

Amazon Linux 2 : python-twisted-web (ALAS-2022-1827)

The version of python-twisted-web installed on the remote host is prior to 12.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1827 advisory. A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the...

CVSS 8.1, AI score 7.4, EPSS 0.01107
Exploits 0, References 3
OpenVAS
added 2022/07/04 12:0 a.m., 25 views

Fedora: Security Advisory for python-twisted (FEDORA-2022-9a489fa494)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.1, AI score 7.8, EPSS 0.0367
Exploits 1, References 2
OpenVAS
added 2022/07/04 12:0 a.m., 22 views

Fedora: Security Advisory for python-twisted (FEDORA-2022-71b66d4747)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.1, AI score 7.8, EPSS 0.0367
Exploits 1, References 2