105 matches found
CVE-2026-57345
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...
CVE-2026-57345 WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Internal Links Manager = 3.0.3 versions...
CVE-2026-57345
The CVE-2026-57345 entry concerns WordPress Internal Links Manager plugin versions <= 3.0.3 and describes an Unauthenticated Cross Site Scripting (XSS) vulnerability. The connected Patchstack reference confirms an XSS flaw in WordPress Internal Links Manager
WordPress Internal Links Manager plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by dodoh4t in WordPress Plugin Internal Links Manager versions = 3.0.3...
Server-side Request Forgery (SSRF)
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fal image download process. An attacker can access internal service metadata and responses by sending crafted requests that trigger the image...
PT-2026-29266
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description A server-side request forgery condition exists in the fal provider image-generation-provider.ts component. This allows attackers to retrieve internal URLs. A compromised or malicious fal relay c...
PT-2026-28416
Server-Side Request Forgery SSRF vulnerability exists in the AnnounContent of the /admin/read.php in OTCMS V7.66 and before. The vulnerability allows remote attackers to craft HTTP requests, without authentication, containing a URL pointing to internal services or any remote server...
CVE-2026-25084
Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs...
CVE-2026-25084 ZLAN Information Technology ZLAN5143D Missing Authentication for Critical Function
Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs...
WEB-APPLICATION-VULNERABILITY-SCANNER
WEB-APPLICATION-VULNERABILITY-SCANNER COMPANY: CODTECH IT S...
CVE-2025-60898
An unauthenticated server-side request forgery SSRF vulnerability in the Thumbnail via-uri endpoint of Halo CMS 2.21 allows a remote attacker to cause the server to issue HTTP requests to attacker-controlled URLs, including internal addresses. The endpoint performs a server-side GET to a...
Malicious code in internal-links-autocomplete-id (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-48693 Malicious code in internal-links-autocomplete-id (npm)
The package communicates with a domain associated with malicious activity...
EUVD-2014-4464
Malware in sbrugna...
EUVD-2016-7261
Malware in sbrugna...
EUVD-2025-9937
Malicious code in bioql PyPI...
EUVD-2024-33145
Malicious code in bioql PyPI...
EUVD-2025-30309
Malicious code in bioql PyPI...
EUVD-2025-3873
Malicious code in bioql PyPI...
EUVD-2025-3255
Malicious code in bioql PyPI...