CVE-2026-33528

GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at /api/v1/file/content is vulnerable to path traversal. The filename query parameter is passed directly to path.Joincommon.ConfigBasePath, filename where ConfigBasePath =...

CVE-2026-33528

creationtimestamp| type| source ---|---|--- 2026-03-21 02:35:03+00:00| published-proof-of-concept| https://github.com/yusing/godoxy/security/advisories/GHSA-4753-cmc8-8j9v 2026-03-26 19:16:14+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33528 2026-03-26...

CVE-2024-33528

CVE-2024-33528 is a Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7.x before 7.30 and 8.x before 8.11. Remote authenticated attackers with tutor privileges can inject arbitrary web script or HTML via XML file uploads. Root cause relates to how XML uploads are processed (stored XSS). Im...

CVE-2023-33528

halo v1.6.0 is vulnerable to Cross Site Scripting XSS...

CVE-2023-33528

halo v1.6.0 is vulnerable to Cross Site Scripting XSS...

CVE-2023-33528

Halo v1.6.0 is vulnerable to Cross Site Scripting (XSS) . The documents identify the affected software and version but do not provide root cause details, exploitation data, or a confirmed patch. No remediation version is stated in the provided sources; monitor for vendor advisories for an officia...

CVE-2023-33528

halo v1.6.0 is vulnerable to Cross Site Scripting XSS...

CVE-2021-33528

CVE-2021-33528 affects Weidmueller Industrial WLAN devices. A vulnerability in the iw_console allows a specially crafted menu selection string to escape the restricted console, granting root access. Attacks can occur with low-privilege user authentication and no user interaction required. The rep...