26 matches found
Externally Controlled Reference to a Resource in Another Sphere
Overview: Affected versions of this package are vulnerable to Externally Controlled Reference to a Resource in Another Sphere via the Build resource creation. An attacker can gain unauthorized control over pod generation in arbitrary Kubernetes namespaces, including the operator namespace, by...
EUVD-2026-28452
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-34327
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
PT-2026-38581
Name of the Vulnerable Software and Affected Versions: Microsoft Partner Center, affected versions not specified. Description: An externally controlled reference to a resource in another sphere allows an unauthorized attacker to perform spoofing over a network. Recommendations: At the moment, there is...
EUVD-2018-4445
Malware in sbrugna...
EUVD-2025-29618
Malicious code in bioql PyPI...
CVE-2025-8057 IDOR in Patika Global Technologies' HumanSuite
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...
CVE-2025-8057
CVE-2025-8057 concerns an authorization bypass in Patika Global Technologies’ HumanSuite. The issue arises from a user‑controlled key that enables an externally controlled reference to a resource in another sphere, leading to improper authorization. Affected product/version: HumanSuite prior to 5...
CVE-2025-2875
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller’s webserver URL to access resources...
Exploit for External Control of File Name or Path in Moodle
CVE-2023-30943 Moodle self-xss Disclaimer...
Exploit for CVE-2022-30190
AmzWord an automated attack chain based on CVE-2022-30190, 16...
QNAP Photo Station Vulnerability (QSA-22-24)
QNAP Photo Station is prone to an externally controlled reference to a resource vulnerability which is e.g. used by the DeadBolt ransomware campaign. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective...
QNAP Photo Station Externally Controlled Reference Vulnerability
Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign...
Exploit for CVE-2022-30190
CVE-2022-30190EXPPowerPoint This is exploit of CVE-2022-301...
Exploit for CVE-2022-30190
Follina-CVE-2022-30190 Proof of Concept by Nee Usage ba...
Exploit for CVE-2022-30190
Follina-CVE-2022-30190 Proof of Concept by Nee Usage ba...
Exploit for CVE-2022-30190
CVE-2022-30190 CVE-2022-30190 CVE-2022-30190 Follina POC Hos...
Exploit for CVE-2022-30190
CVE-2022-30190-follina Just another PoC for the new MSDT-Explo...
Exploit for CVE-2022-30190
CVE-2022-30190 Usag...
Exploit for CVE-2022-30190
CVE-2022-30190 CVE-2022-30190 Follina POC Host exploit.html...