3 matches found
The vulnerability of the library for processing HTTP requests in the HTTP_Request2 VPN-client Tunnelblick, related to the disclosure of information through test directories, allows a perpetrator to carry out XSS attacks and elevate their privileges to the root level.
The vulnerability of the library for processing HTTP requests in the HTTPRequest2 VPN-client Tunnelblick component is related to the disclosure of information through the tests/network/getparameters.php and tests/network/postparameters.php directories. Exploiting this vulnerability allows a remot...
CVE-2025-43717
In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...
PT-2025-16930 · Pear · Pear Http Request2
Name of the Vulnerable Software and Affected Versions: PEAR HTTP Request2 versions prior to 2.7.0 Description: The issue concerns multiple files in the tests directory of PEAR HTTP Request2, specifically tests/ network/getparameters.php and tests/ network/postparameters.php, which reflect any GET...