CVE-2026-25648 Traccar Vulnerable to Stored Cross-Site Scripting (XSS) via Malicious SVG File Upload

Versions of the Traccar open-source GPS tracking system starting with 6.11.1 contain an issue in which authenticated users can execute arbitrary JavaScript in the context of other users' browsers by uploading malicious SVG files as device images. The application accepts SVG file uploads without...

PT-2026-21559

Name of the Vulnerable Software and Affected Versions Traccar versions 6.11.1 and later Description The Traccar GPS tracking system is affected by an issue where authenticated users can execute arbitrary JavaScript in other users' browsers. This occurs because the application accepts SVG file...

CVE-2023-54182 f2fs: fix to check readonly condition correctly

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2fsdevisreadonly, and...

CVE-2023-31679

CVE-2023-31679 affects Videogo v6.8.1 with incorrect access control that permits an attacker to access images from other devices by modifying the Device Id parameter. Root cause: faulty authorization checks on device-scoped content. Impact: potential disclosure of images across devices (C:H, I:N,...

Belkin N600DB Wireless Router - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: Belkin N600DB Wireless Router | Multiple Vulnerabilities Date: 16/01/2018 Exploit Author: Wadeek Hardware Version: F9K1102as v3 Firmware Version: 3.04.11 Vendor Homepage:...