CVE-2026-5979

A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack can be launched...

PT-2026-5760

Name of the Vulnerable Software and Affected Versions ingress-nginx versions prior to v1.13.7 ingress-nginx versions 1.14.0 through 1.14.3 Description The nginx.ingress.kubernetes.io/auth-method Ingress annotation in ingress-nginx can be exploited to inject configuration into nginx. This can lead...

PT-2026-5762

Name of the Vulnerable Software and Affected Versions ingress-nginx versions prior to 1.11.4 ingress-nginx versions prior to 1.12.1 Description A security issue exists in ingress-nginx where the protection provided by the auth-url Ingress annotation may not function as expected due to a specific...

FPGA Support Package for the Intel® oneAPI DPC++/C++ Compiler Software Advisory

Summary: A potential security vulnerability for some FPGA Support Package for the Intel® oneAPI DPC++/C++ Compiler software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-32038 Description:...

EUVD-2018-10492

Malware in sbrugna...

PT-2025-33433 · Surbowl · Dormitory-Management-Php

Name of the Vulnerable Software and Affected Versions: Surbowl dormitory-management-php version 1.0 Description: A vulnerability exists in Surbowl dormitory-management-php 1.0, specifically within the login.php file. Manipulation of the Account parameter results in a SQL injection. The attack can...

VulnCheck KEV: CVE-2018-18775

Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product...

Easy File Sharing FTP 3.6 Denial Of Service Exploit

!/usr/bin/perl use Net::FTP; Exploit Title: Easy File Sharing FTP Server 3.6 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 17 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: Easy File Sharing FTP Server 3.6 Tested on:...

LightFTP 1.1 Denial Of Service Exploit

!/usr/bin/perl use Net::FTP; Exploit Title: LightFTP 1.1 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 15 january 2024 Vendor Homepage: N/A Notification vendor: No reported Tested Version: LightFTP 1.1 Tested on: Window XP Professional - Service Pack 2 and 3 - English...

Easy File Sharing FTP Server 2.0 Denial Of Service Exploit

!/usr/bin/perl use Net::FTP; Exploit Title: Easy File Sharing FTP Server 2.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 04 january 2024 Download to demo: https://drive.google.com/drive/folders/1XISgBk4Zql8NzkWsrzAPOUEqbjJP4hZQ?usp=sharing Notification vendor: No report...

Cross site scripting

Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product...

Cross site scripting

Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product...

Directory traversal

Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" in the parameter subpage allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in a pathname used by a web application...

CVE-2018-18775

Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product...

CVE-2018-18776

Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product...

CVE-2018-18776

CVE-2018-18776 concerns MicroStrategy Web 7, where an XSS vulnerability arises because input is not sufficiently encoded. The issue is exploitable via the admin/admin.asp ShowAll parameter, enabling a cross-site scripting attack. The product is deprecated, and multiple external sources (including...