CVE-2025-11441

The CVE-2025-11441 entry affects JhumanJ OpnForm (up to v1.9.3). The vulnerability lies in the HTTP Header Handler component, where manipulating the X-Forwarded-For parameter can lead to improper restriction of excessive authentication attempts. Impact is remote, with network attack vector, high ...

PT-2025-41236

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A security issue exists in JhumanJ OpnForm related to improper restriction of excessive authentication attempts. The issue is located within the HTTP Header Handler component and involves...

OpnForm 安全漏洞

OpnForm is a form builder by Julien Nahum Personal Developer. A security vulnerability exists in OpnForm 1.9.3 and earlier versions, which stems from improper manipulation of the parameter X-Forwarded-For in the HTTP Header Handler component, which may result in improperly limiting excessive...

CVE-2025-11284

A vulnerability has been found in Zytec Dalian Zhuoyun Technology Central Authentication Service 3. Affected by this vulnerability is an unknown functionality of the file /index.php/auth/Ops/git of the component HTTP Header Handler. The manipulation of the argument Authorization leads to use of...

EUVD-2015-0746

Malware in sbrugna...

EUVD-2025-22567

Malicious code in bioql PyPI...

EUVD-2025-13564

Malicious code in bioql PyPI...

EUVD-2025-8271

Malicious code in bioql PyPI...

EUVD-2025-29113

Malicious code in bioql PyPI...

EUVD-2022-51387

Malicious code in bioql PyPI...

EUVD-2024-50626

Malicious code in bioql PyPI...

EUVD-2022-51392

Malicious code in bioql PyPI...

EUVD-2025-19325

Malicious code in bioql PyPI...

EUVD-2022-43275

Malicious code in bioql PyPI...

CVE-2025-10485

A vulnerability has been found in pojoin h3blog up to 5bf704425ebc11f4c24da51f32f36bb17ae20489. Affected by this issue is the function pptlog of the file /login of the component HTTP Header Handler. Such manipulation of the argument X-Forwarded-For leads to cross site scripting. The attack may be...

CVE-2025-10392

A vulnerability was detected in Mercury KM08-708H GiGA WiFi Wave2 1.1.14. This affects an unknown function of the component HTTP Header Handler. The manipulation of the argument Host results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be...

CVE-2025-10485

The CVE-2025-10485 entry applies to pojoin h3blog, affecting the HTTP Header Handler’s file/login and the ppt_log function. The issue stems from manipulating the X-Forwarded-For argument, enabling cross-site scripting via remote exploitation. Public exploit information is noted. Affected versions...

PT-2025-37776

Name of the Vulnerable Software and Affected Versions: pojoin h3blog versions prior to 5bf704425ebc11f4c24da51f32f36bb17ae20489 Description: A vulnerability exists due to cross site scripting. Manipulation of the X-Forwarded-For argument in the /login file, specifically within the ppt log functio...

CVE-2025-10392

A vulnerability was detected in Mercury KM08-708H GiGA WiFi Wave2 1.1.14. This affects an unknown function of the component HTTP Header Handler. The manipulation of the argument Host results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be...

CVE-2025-10392

The CVE-2025-10392 entry concerns Mercury KM08-708H GiGA WiFi Wave2 1.1.14. Affects the HTTP Header Handler component, where manipulating the Host argument causes a stack-based buffer overflow. The vulnerability is exploitable remotely, with exploit code publicly available. Documents indicate a C...