CVE-2026-33182

Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, when building the request URL, Saloon combined the connector's base URL with the request endpoint. If the endpoint was a valid absolute URL, the code used that URL as-is and ignored the base...

CVE-2025-32355

Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the proxy is misconfigured in a way that allows specifying absolute URLs in the HTTP request line, causing the proxy to load the given resource...

EUVD-2025-28014

Malicious code in bioql PyPI...

CVE-2025-43833

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Amir Helzer Absolute Links absolute-links allows Blind SQL Injection.This issue affects Absolute Links: from n/a through = 1.1.1...

CVE-2025-43833

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Amir Helzer Absolute Links absolute-links allows Blind SQL Injection.This issue affects Absolute Links: from n/a through = 1.1.1...

CVE-2025-43833

CVE-2025-43833 affects WordPress Absolute Links plugin (≤ 1.1.1). Affected component is user-supplied input resulting in Improper Neutralization of SQL commands, enabling Blind SQL Injection. Exploitation status is not confirmed in the provided documents; CVSS v3.1 base score is 7.6 (HIGH) with n...

CVE-2025-43833 WordPress Absolute Links plugin <= 1.1.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Amir Helzer Absolute Links absolute-links allows Blind SQL Injection.This issue affects Absolute Links: from n/a through = 1.1.1...

CVE-2025-43833 WordPress Absolute Links plugin <= 1.1.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Amir Helzer Absolute Links absolute-links allows Blind SQL Injection.This issue affects Absolute Links: from n/a through = 1.1.1...

WordPress plugin Absolute Links SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

PT-2025-22046 · Unknown · Absolute Links

Name of the Vulnerable Software and Affected Versions: Absolute Links versions n/a through 1.1.1 Description: The issue is related to an SQL Injection vulnerability, specifically an Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection, which can ...

Java Mini Web Server 1.0 - Directory Traversal / Cross-Site Scripting

Exploit Title: Java Mini Web Server | www.DigitalWhisper.co.il Software Link: http://www.jibble.org/miniwebserver/ Version: YOURXSSHEREWork?Index of %00"Work?Index of %00"Work? Work?SimpleWebServer.jar SimpleWebServer http://www.jibble.org/ Path Traversal: A Path Traversal attack aims to access...