451 matches found
CVE-2018-19513
In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sqlerrorlog/YYYY-MM-DD-sqlerrorlog.log filenames. The log file could contain sensitive client data email addresses and also facilitates exploitation of SQL injection errors...
CVE-2025-15200
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java. The manipulation results in cross site...
CVE-2025-15200
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java. The manipulation results in cross site...
ChurchCRM Privilege Elevation Vulnerability
ChurchCRM is an open source CRM system for churches. ChurchCRM suffers from an elevation of privilege vulnerability that stems from the application not properly implementing an access control mechanism that directly references data transmitted from the client as an object, no details of the...
CPython 安全漏洞
CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the default use of Content-Length when reads are not specified, which could lead to a malicious server causing a client to read a large amount of data into memor...
CVE-2025-42893
Due to an Open Redirect vulnerability in SAP Business Connector, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site displayed within an embedded frame. Successful exploitation could allow the attacker to steal...
WordPress plugin Hydra Booking — Appointment Scheduling & Booking Calendar 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress All in One Time Clock Lite plugin unsafe direct object reference vulnerability
WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports employee/volunteer/contractor punch record management. The WordPress All in One Time Clock Lite plugin suffers from an insecure direct object reference vulnerability that stems from the applicati...
EUVD-2011-1739
Malware in sbrugna...
EUVD-2016-4173
Malware in sbrugna...
EUVD-2021-17222
Malware in sbrugna...
EUVD-2021-17223
Malware in sbrugna...
EUVD-2017-8976
Malware in sbrugna...
EUVD-2016-1052
Malware in sbrugna...
EUVD-2025-5283
Malicious code in bioql PyPI...
EUVD-2025-20331
Malicious code in bioql PyPI...
EUVD-2022-37309
Malicious code in bioql PyPI...
httpd: insufficient escaping of user-supplied data in mod_ssl
A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...
httpd: insufficient escaping of user-supplied data in mod_ssl
A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...
httpd: insufficient escaping of user-supplied data in mod_ssl
A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...