CVE-2025-56424

CVE-2025-56424 affects Insiders Technologies GmbH e-invoice pro prior to release 1 Service Pack 2. Multiple sources describe a vulnerability where a remote attacker can cause a denial of service via a crafted script, attributed to mishandling of specially crafted scripts. The root cause is stated...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

PT-2026-1818

Name of the Vulnerable Software and Affected Versions Insiders Technologies GmbH e-invoice pro versions prior to release 1 Service Pack 2 Description A flaw exists in Insiders Technologies GmbH e-invoice pro that could allow a remote attacker to cause a denial of service by using a specially...

CVE-2023-53957

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

CVE-2023-53957

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

CVE-2023-53957

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

CVE-2023-53957 Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

CVE-2023-53957

Kimai 1.30.10 is affected by a SameSite cookie vulnerability that can enable session hijacking. Attackers may lure victims into running a crafted PHP script that captures and writes session cookies to a file, enabling access to user sessions. The issue is tied to improper SameSite cookie handling...

EUVD-2025-204601

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session...

PT-2025-52527

Name of the Vulnerable Software and Affected Versions Kimai version 1.30.10 Description Kimai version 1.30.10 has a SameSite cookie flaw that allows attackers to steal user session cookies. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie...

CVE-2023-38913

SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...

ROS-20251217-7304

A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to a memory management procedure mismatch. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by injecting a specially crafted script...

EUVD-2023-42673

SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...

CVE-2023-38913

SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...

CVE-2023-38913

SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...

Redis: Redis Lua Use-After-Free may lead to remote code execution

A vulnerability found in Redis where a flaw in the Lua scripting engine can trigger a use-after-free condition. An authenticated attacker can exploit this by running a specially crafted Lua script, potentially resulting in remote code execution RCE within the Redis process...

CVE-2024-42749

Cross Site Scripting vulnerability in Alto CMS v.1.1.13 allows a local attacker to execute arbitrary code via a crafted script...

CVE-2024-42749

CVE-2024-42749 affects Alto CMS 1.1.13 with a Cross-Site Scripting flaw. The issue allows a local attacker to execute arbitrary code through a crafted script, linked to improper input handling (not properly clearing input) as described by the connected sources. Affected component is Alto CMS core...

EUVD-2024-55082

Cross Site Scripting vulnerability in Alto CMS v.1.1.13 allows a local attacker to execute arbitrary code via a crafted script...