3405 matches found
CVE-2025-50671
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwglref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, userid, shibiename, time,...
CVE-2025-50670
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwglbwr.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in the name, qq, and time parameters...
CVE-2025-50665
CVE-2025-50665 describes a buffer overflow in the D-Link DI-8003 (firmware 16.07.26A1) caused by improper handling of input parameters to the /web_keyword.asp endpoint. A crafted HTTP GET request using parameters such as name, en, time, mem_gb2312, and mem_utf8 can trigger the vulnerability. The ...
CVE-2026-5531
A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /logincredentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated remotel...
CVE-2026-5531
CVE-2026-5531 affects SourceCodester Student Result Management System 1.0. The vulnerability is in the HTTP GET Request Handler, impacting the file /login_credentials.txt where login credentials may be stored in cleartext on disk. The issue can be triggered remotely, and public disclosures exist....
Use of GET Request Method With Sensitive Query Strings
Overview @immich/sdk is an Auto-generated TypeScript SDK for the Immich API Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings via the transmission of authentication credentials in the password parameter within the HTTP request query string...
CVE-2026-25118
immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within t...
CVE-2025-15620
HiOS Switch Platform versions 09.1.00 through 09.4.04 and 10.0.00 through 10.3.00 contain a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an...
Use of GET Request Method With Sensitive Query Strings
Overview Affected versions of this package are vulnerable to Use of GET Request Method With Sensitive Query Strings in the OAuth provider callback flow. An attacker can gain unauthorized access to sensitive information by intercepting refresh tokens exposed in URL query parameters through browser...
PT-2026-29669
Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.1.1 Description phpMyFAQ is susceptible to arbitrary file deletion due to missing path traversal validation and CSRF token verification in the MediaBrowserController::index method. Specifically, when the fileRemove...
Admidio has Missing CSRF Protection on Registration Approval Actions
Summary The createuser, assignmember, and assignuser action modes in modules/registration.php approve pending user registrations via GET request without validating a CSRF token. Unlike the deleteuser mode in the same file which correctly validates the token, these three approval actions read thei...
GHSA-PH84-R98X-2J22 Admidio has Missing CSRF Protection on Registration Approval Actions
Summary The createuser, assignmember, and assignuser action modes in modules/registration.php approve pending user registrations via GET request without validating a CSRF token. Unlike the deleteuser mode in the same file which correctly validates the token, these three approval actions read thei...
CVE-2026-34384 Admidio: Missing CSRF Protection on Registration Approval Actions
Admidio is an open-source user management solution. Prior to version 5.0.8, the createuser, assignmember, and assignuser action modes in modules/registration.php approve pending user registrations via GET request without validating a CSRF token. Unlike the deleteuser mode in the same file which...
CVE-2026-34384
Admidio vulnerability CVE-2026-34384: Before 5.0.8, the approval modes create_user, assign_member, and assign_user in modules/registration.php accepted GET-based requests with no CSRF validation, allowing an attacker with a pending registration and a rol_approve_users right to auto-approve or mer...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CEL-based HTTP functions. An attacker can make unauthorized network requests to internal or external resources and exfitrate sensitive information AWS IAM credentials, GCP tokens by crafting...
CVE-2018-25221
Affected product: EChat Server 3.1. Vulnerability: Buffer overflow in the chat.ghp endpoint, exploitable by sending a GET request with an oversized username value, leading to remote code execution in the application context. The provided description states that shellcode and ROP gadgets can be us...
CVE-2018-25221
EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing shellcode and ROP gadgets...
PT-2026-28257
EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing shellcode and ROP gadgets...
CVE-2026-22202
wpDiscuz before 7.6.47 contains a cross-site request forgery vulnerability that allows attackers to delete all comments associated with an email address by crafting a malicious GET request with a valid HMAC key. Attackers can embed the deletecomments action URL in image tags or other resources to...
CVE-2026-3021
Non-relational SQL injection vulnerability NoSQLi in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL...