29 matches found
perl-libwww-perl-6.830.0-1.1 on GA media (moderate)
perl-libwww-perl-6.830.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10781-1 Rating: moderate Cross-References: CVE-2026-8368 CVSS scores: CVE-2026-8368 SUSE : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-8368 SUSE : 6...
CVE-2026-8368
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...
CVE-2026-8368
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...
MAL-2025-8368 Malicious code in @leaffm/automatically-gen-script (npm)
The package @leaffm/automatically-gen-script was found to contain malicious code...
CVE-2025-8368
creationtimestamp| type| source ---|---|--- 2025-07-31 07:52:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvanptdwil2p...
CVE-2025-8368
A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-8368
CVE-2025-8368 affects Portabilis i-Educar 2.9. The vulnerability is a reflected cross-site scripting in the file /intranet/pesquisa_pessoa_lst.php, caused by manipulation of the argument campo_busca/cpf. It can be triggered remotely and, per the sources, the exploit has been publicly disclosed. M...
CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-8368 Portabilis i-Educar pesquisa_pessoa_lst.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisapessoalst.php. The manipulation of the argument campobusca/cpf leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2019-8368
OpenEMR v5.0.1-6 allows XSS...
CVE-2024-8368
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...
CVE-2024-8368
creationtimestamp| type| source ---|---|--- 2024-09-01 07:46:00+00:00| seen| https://t.me/cvedetector/4581...
CVE-2024-8368
The CVE-2024-8368 entry concerns code-projects Hospital Management System version 1.0, where the Login index.php component is vulnerable to SQL injection via the username parameter. This flaw could be exploited remotely and has been publicly disclosed. Root cause is an SQL injection in the handli...
CVE-2024-8368 code-projects Hospital Management System Login index.php sql injection
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...
CVE-2024-8368 code-projects Hospital Management System Login index.php sql injection
A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php of the component Login. The manipulation of the argument username leads to sql injection. The attack may be launched...
Mitsubishi Electric MELSEC-Q QJ71E71 series Improper Synchronization (CVE-2016-8368)
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to conne...
CVE-2020-8368
CVE-2020-8368 is rejected/not used per the initial description.
CVE-2020-8368
...
CVE-2019-8368
CVE-2019-8368 affects OpenEMR v5.0.1-6 and is a cross-site scripting (XSS) vulnerability. Red Hat/CNVD/OSV listings corroborate the OpenEMR XSS finding. The core issue is a reflected/stored XSS vector in the OpenEMR 5.0.1-6 codebase (exact component/file not specified in the provided documents). ...
CVE-2017-8368
Sublime Text 3 Build 3126 is reported vulnerable to a user‑assisted DoS (and possibly other impact) via a crafted .mkv file. According to the sources, the issue can be triggered when a user opens a malicious MKV payload and issues commands such as Ctrl‑A, Delete, and Ctrl‑Z, with the exploit requ...