46 matches found
CVE-2025-15422 EmpireSoft EmpireCMS IP Address connect.php egetip protection mechanism
A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This issue affects the function egetip of the file e/class/connect.php of the component IP Address Handler. This manipulation causes protection mechanism failure. The attack may be initiated remotely. The exploit has been published and may ...
PT-2026-1039
Name of the Vulnerable Software and Affected Versions EmpireSoft EmpireCMS versions up to 8.0 Description A security issue exists in EmpireSoft EmpireCMS related to the IP Address Handler component. The issue resides in the egetip function within the e/class/connect.php file. This flaw results in...
uCrop code issue vulnerability
uCrop is an Android image cropping library open-sourced by Yalantis. A code issue vulnerability exists in uCrop version 2.2.11, which stems from a flaw in the function downloadFile in the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler, which could lead to server-sid...
PT-2025-50608
A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...
EUVD-2025-33913
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...
EUVD-2025-32528
A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly...
EUVD-2024-46353
Malicious code in bioql PyPI...
CVE-2025-10014
A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...
CVE-2025-10014
CVE-2025-10014 affects elunez eladmin up to 2.7, specifically the updateUserEmail function in the Email Address Handler at /api/users/updateEmail/. Manipulating the id/email argument can cause improper authorization, potentially allowing a remote attacker to access or modify user data. Exploitati...
CVE-2025-10014 elunez eladmin Email Address updateEmail updateUserEmail improper authorization
A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...
PT-2025-36258
Name of the Vulnerable Software and Affected Versions: elunez eladmin versions up to 2.7 Description: A flaw exists in elunez eladmin that impacts the updateUserEmail function within the Email Address Handler component. Manipulation of the id/email argument in the /api/users/updateEmail/ API...
CVE-2025-9003 D-Link DIR-818LW DHCP Reserved Address bsc_lan.php cross site scripting
A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. This vulnerability on...
PT-2025-33434 · D Link · Dir-818Lw
Name of the Vulnerable Software and Affected Versions: D-Link DIR-818LW version 1.04 Description: A vulnerability exists in the DHCP Reserved Address Handler component of D-Link DIR-818LW version 1.04. The manipulation of the Name argument in the /bsc_lan.php file leads to cross-site scripting. T...
CVE-2025-8535
A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file /main.js of the component xrb URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2024-5096
A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been...
The vulnerability of the URL Handler component in the Zimbra Collaboration Suite email management system allows attackers to execute arbitrary code, as a result of insufficient measures taken to protect the structure of the web page.
The vulnerability of the URL Handler component in the Zimbra Collaboration Suite corporate email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created...
The vulnerability of the admin_compliance_framework function in the Group Namespace URL Handler component of the software platform based on Git, which allows a violator to modify the group's URL address.
The vulnerability of the admin_compliance_framework function in the Group Namespace URL Handler component of the software platform based on Git for collaborative code development in GitLab is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to modi...
The vulnerability of the Email Address Handler component of the software platform based on Git for collaborative code development on GitLab allows a malicious individual to gain unauthorized access to limited functions.
The vulnerability of the Email Address Handler component in the Git-based software platform, which is used for collaborative code development on GitLab, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...
The vulnerability of the URL Handler component in SAP Companion software for interactive user training allows an attacker to carry out XSS attacks.
The vulnerability of the URL Handler component in SAP Companion's interactive user training software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2024-5096 Hipcam Device MAC Address wifi.mac information disclosure
A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been...