2 matches found
CVE-2025-40704
Cross-Site Scripting XSS vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultural Heritage ACDH-CH, due to inadequate validation of user input when a POST request is sent. The vulnerabilities could allow a remote user to send specially crafted queries to an...
Command injection
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76...