Lucene search
K

112 matches found

CVE
CVE
added 2025/07/18 4:34 p.m.242 views

CVE-2025-7783

CVE-2025-7783 affects node-form-data; vulnerable versions include

9.4CVSS6.6AI score0.01735EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/07/18 4:34 p.m.4 views

CVE-2025-7783

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3...

9.4CVSS6.1AI score0.01735EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/07/18 12:0 a.m.4 views

PT-2025-30061

Name of the Vulnerable Software and Affected Versions form-data versions 2.5.4 form-data versions 3.0.0 through 3.0.3 form-data versions 4.0.0 through 4.0.3 Description A vulnerability exists in the form-data JavaScript library due to the use of insufficiently random values when generating bounda...

9.4CVSS6.6AI score0.01735EPSS
Exploits1References95
Packet Storm
Packet Storm
added 2023/07/19 12:0 a.m.251 views

Chevereto CMS 3.7.0 HTTP Parameter Pollution

==================================================================================================================================== | Title : Chevereto CMS V3.7.0 HPP Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendo...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/05 12:0 a.m.167 views

Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated)

Exploit Title: Online Eyewear Shop 1.0 - SQL Injection Unauthenticated Date: 2023-01-02 Exploit Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com/php/16089/online-eyewear-shop-website-using-php-and-mysql-free-download.html Software Link:...

7.4AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/10/19 8:26 p.m.60 views

Team scope authorization bypass when Post/Put request with :team_name in body, allows HTTP parameter pollution

Impact For some Post/Put Concourse endpoint containing :teamname in the URL, a Concourse user can send a request with body including :teamname=team2 to bypass team scope check to gain access to certain resources belong to any other team. The user only needs a valid user session and belongs to...

5.4CVSS5.7AI score0.00446EPSS
Exploits1References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.28 views

HTTP Parameter Pollution

An HTTP Parameter Pollution HTTP exploits the possibility of including several parameters with the same name in an HTTP request or by including a new encoded parameter. Depending on the web server, its parameters will be parsed in a different way i.e. parsing only the first/last occurrence of the...

7.2AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 10:23 a.m.24 views

Security Bulletin: Client-side HTTP Parameter Pollution in WAS Intelligent Management Admin console

Summary Client-side HTTP Parameter Pollution in WAS Intelligent Management Admin console. TWAS pen testing uncovered an issue with the admin console that allows Client-side HTTP Parameter Pollution. The user must be navigating the affected resources. Client-side HTTP parameter pollution HPP...

3.5CVSS0.3AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.20 views

Security Bulletin: Vulnerabilities in WebSphere Application Server affects IBM Rational products based on IBM Jazz technology

Summary There are multiple vulnerabilities in IBM WebSphere Application Server bundled with IBM Jazz Team Server based Applications that affect the following products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rationa...

6.5CVSS0.4AI score0.02665EPSS
Exploits0Affected Software8
Cvelist
Cvelist
added 2021/04/22 7:37 p.m.22 views

CVE-2021-0269 Junos OS: J-Web can be compromised through reflected client-side HTTP parameter pollution attacks.

The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded...

8.8CVSS8.6AI score0.00874EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/10/18 11:28 p.m.16 views

Status.im: HTTP Parameter Pollution with semicolons in iframe allows loading external Greenhouse forms

Summary: Status.im uses Greenhouse for job applications, specifically the older Greenhouse integration which relies on iframes. The ghjid URL parameter is used to load the correct form in the iframe. HTML characters are escaped, but using semicolons you can inject URL parameters into the iframe v...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/20 12:13 p.m.20 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager (CVE-2019-4271)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager version 4.2. Information about IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletinss listed in the Remediation/Fixes section...

3.5CVSS0.9AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/28 3:36 a.m.21 views

Security Bulletin: HTTP Parameter Pollution and XSS vulnerability in WebSphere Application Server Admin Console which is shipped with Jazz for Service Management (CVE-2019-4271)

Summary There is a Client-side HTTP parameter pollution vulnerability and a Cross-site scripting vulnerability in WebSphere Application Server Admin Console. Vulnerability Details CVEID: CVE-2019-4271 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable...

3.5CVSS0.2AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/28 8:50 p.m.20 views

Security Bulletin: A Security Vulnerability Has Been Identified In WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager (CVE-2019-4271)

Summary WebSphere Application Server is shipped with IBM Tivoli Federated Identity Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletinss listed in the...

3.5CVSS0.9AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/14 2:45 p.m.21 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest

Summary IBM WebSphere Application Server WAS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting WAS have been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

6.5CVSS0.3AI score0.02665EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/08 7:27 p.m.21 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.5CVSS6.2AI score0.02665EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/01 7:36 p.m.19 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2019-4271)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: HT...

3.5CVSS0.9AI score0.00819EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/25 2:25 p.m.19 views

Security Bulletin: A Security Vulnerability has been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2019-4271)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: HTTP...

6.5CVSS1AI score0.01263EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/25 2:0 p.m.26 views

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2019-4442), (CVE-2019-4271), (CVE-2019-4268), (CVE-2019-4270), (CVE-2019-4477)

Summary WebSphere Application Server is shipped with WebSphere Remote Server. Information about security vulnerabilities affecting WebSphere Application Server has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.5CVSS1.2AI score0.02665EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/25 12:20 p.m.20 views

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns

Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in multiple security bulletins. Vulnerability Details Please consult the following...

6.5CVSS0.4AI score0.02068EPSS
Exploits0Affected Software1
Rows per page
Query Builder