482 matches found

RedhatCVE
added 2025/02/06 1:42 a.m. · 7 views

CVE-2022-43520

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

CVSS: 8.8 · AI score: 7.4 · EPSS: 0.00677
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 1:3 p.m. · 6 views

CVE-2024-25047

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not sanitizing user provided data. This could lead to further attacks against the system. IBM X-Force ID: 282956...

CVSS: 8.6 · AI score: 6.5 · EPSS: 0.00057
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/05 12:13 a.m. · 3 views

CVE-2024-4010

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handleajaxrequest function in all versions up to, and including, 5.7.19. This makes it possible for...

CVSS: 8.8 · AI score: 7.7 · EPSS: 0.00543
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/04 11:37 p.m. · 7 views

CVE-2024-40642

The netty incubator codec.bhttp is a Java-language binary HTTP parser. In affected versions the BinaryHttpParser class does not properly validate input values, thus giving attackers almost complete control over the HTTP requests constructed from the parsed output. Attackers can abuse several issue...

CVSS: 8.1 · AI score: 7.2 · EPSS: 0.00703
Exploits: 1

NVD
added 2025/01/29 10:15 p.m. · 6 views

CVE-2024-48761

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...

CVSS: 8.8 · EPSS: 0.00523
Exploits: 1 · References: 1

CVE
added 2025/01/29 12:0 a.m. · 51 views

CVE-2024-48761

CVE-2024-48761 affects Celk Saude v3.1.252.1 and is a reflected XSS vulnerability exploitable via the erro parameter, allowing remote injection of JavaScript. Several connected sources confirm the same issue and describe improper validation/sanitization of the erro input as the root cause. Impact...

CVSS: 8.8 · AI score: 8.9 · EPSS: 0.00523
Exploits: 1 · References: 1 · Affected Software: 1

Positive Technologies
added 2025/01/29 12:0 a.m. · 2 views

PT-2025-2802 · Unknown · Celk Saude

Name of the Vulnerable Software and Affected Versions: Celk Saude version 3.1.252.1 Description: The issue arises from improper validation or sanitization of the erro parameter, which is returned as a response when incorrect credentials are entered during login. This makes the component susceptib...

CVSS: 8.8 · AI score: 6.7 · EPSS: 0.00523
Exploits: 1 · References: 5

Vulnrichment
added 2025/01/29 12:0 a.m. · 3 views

CVE-2024-48761

Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the "erro" parameter...

AI score: 9 · EPSS: 0.00523
Exploits: 1 · References: 1

NVD
added 2025/01/17 9:15 p.m. · 4 views

CVE-2025-23202

Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The FetchVerse and FetchPassage functions in the Bible Module are susceptible to injection attacks due to the absence of input validation. This vulnerability could allow an attacker to...

CVSS: 10 · EPSS: 0.00379
Exploits: 0 · References: 2

Cvelist
added 2025/01/17 8:18 p.m. · 12 views

CVE-2025-23202 Improper Input Validation in Bible Module for ROBLOX

Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The FetchVerse and FetchPassage functions in the Bible Module are susceptible to injection attacks due to the absence of input validation. This vulnerability could allow an attacker to...

CVSS: 10 · EPSS: 0.00379
Exploits: 0 · References: 2

Vulnrichment
added 2025/01/17 8:18 p.m. · 13 views

CVE-2025-23202 Improper Input Validation in Bible Module for ROBLOX

Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The FetchVerse and FetchPassage functions in the Bible Module are susceptible to injection attacks due to the absence of input validation. This vulnerability could allow an attacker to...

CVSS: 10 · AI score: 6.8 · EPSS: 0.00379
Exploits: 0 · References: 2

OSV
added 2025/01/17 8:18 p.m. · 5 views

CVE-2025-23202 Improper Input Validation in Bible Module for ROBLOX

Bible Module is a tool designed for ROBLOX developers to integrate Bible functionality into their games. The FetchVerse and FetchPassage functions in the Bible Module are susceptible to injection attacks due to the absence of input validation. This vulnerability could allow an attacker to...

CVSS: 10 · AI score: 7.1 · EPSS: 0.00379
Exploits: 0 · References: 2

CVE
added 2025/01/17 8:18 p.m. · 1194 views

CVE-2025-23202

The CVE-2025-23202 entry concerns the Bible Module for ROBLOX. The vulnerable components are the FetchVerse and FetchPassage functions, which lack input validation, enabling injection attacks that could manipulate API request URLs and potentially lead to unauthorized access or data tampering. The...

CVSS: 10 · AI score: 7.2 · EPSS: 0.00379
Exploits: 0 · References: 2

CNNVD
added 2025/01/17 12:0 a.m. · 2 views

Bible Module for ROBLOX input validation error vulnerability

Bible Module for ROBLOX is a module about the Bible by UnknownLua Personal Developer. It allows developers to easily access information from the Bible API software. An input validation error vulnerability exists in Bible Module for ROBLOX that stems from the FetchVerse and FetchPassage functions...

CVSS: 10 · AI score: 6.8 · EPSS: 0.00379
Exploits: 0 · References: 3

Cvelist
added 2024/11/21 8:34 p.m. · 18 views

CVE-2024-52615 Avahi: avahi wide-area dns uses constant source port

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

CVSS: 5.3 · EPSS: 0.00068
Exploits: 0 · References: 5

NVD
added 2024/11/15 5:15 p.m. · 12 views

CVE-2021-1481

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management...

CVSS: 4.3 · EPSS: 0.00097
Exploits: 0 · References: 2

Tenable Nessus
added 2024/11/12 12:0 a.m. · 12 views

Fortinet Fortigate SSLVPN WEB UI Text injection (FG-IR-24-033)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-033 advisory. - An improper neutralization of special elements in output used by a downstream component 'Injection' vulnerability CWE-74 in...

CVSS: 4.3 · AI score: 5.6 · EPSS: 0.00484
Exploits: 0 · References: 2

Circl
added 2024/11/06 5:9 p.m. · 3 views

CVE-2024-20418

creationtimestamp | type | source
---|---|---
2024-11-06 17:09:06+00:00 | seen | https://infosec.exchange/users/cve/statuses/113437106972810589
2024-11-06 17:29:02+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/113437189233894586
2024-11-07 06:04:53+00:00 | seen | ...

CVSS: 10 · AI score: 7.5 · EPSS: 0.03481
Exploits: 0 · References: 17

The Hacker News
added 2024/10/21 6:59 a.m. · 21 views

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. "The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and...

AI score: 7.8
Exploits: 0

NVD
added 2024/10/16 9:15 p.m. · 16 views

CVE-2024-48918

RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation within the RDS AI framework, specifically within the user input handling code in the main module main.p...

CVSS: 9.3 · EPSS: 0.00168
Exploits: 0 · References: 2