17 matches found
CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...
EUVD-2025-33713
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website...
CVE-2025-11190
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website...
CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...
CVE-2025-11190 CVE-2025-11190
The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website...
CVE-2025-11190
CVE-2025-11190 affects the Kiwire Captive Portal (SynchroWeb). The issue is an open redirection in the login-url parameter that can redirect users to an attacker‑controlled website. Public details consistently describe this as a login flow redirection vulnerability without additional exploit info...
CVE-2025-11189 CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...
CVE-2025-11189 CVE-2025-11189
The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...
Kiwire Captive Portal 安全漏洞
Kiwire Captive Portal is a login authentication page from Kiwire Malaysia. A security vulnerability exists in Kiwire Captive Portal that stems from an open redirection issue with the login-url parameter, which could result in users being redirected to an attacker-controlled website...
PT-2025-41543
Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains an open redirection issue. An attacker can redirect users to a website controlled by the attacker through manipulation of the login-url parameter. The...
PT-2025-41542
Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains a reflected cross-site scripting XSS issue within the login-url parameter. This allows for Javascript execution. The issue is present in the login...
EUVD-2020-10585
Malware in sbrugna...
EUVD-2025-28001
Malicious code in bioql PyPI...
XBoot 代码问题漏洞
XBoot is a one-stop front-end and back-end separation rapid development platform for Exrick individual developers. A code issue vulnerability exists in XBoot 3.3.4 and prior versions, which stems from a server-side request forgery due to incorrect manipulation of the loginUrl parameter...
CVE-2024-32337
A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module...
CVE-2024-32337
WonderCMS v3.4.3 is affected by a cross-site scripting (XSS) vulnerability in the Settings section, allowing an attacker to inject arbitrary script or HTML via a crafted payload in the ADMIN LOGIN URL parameter under the Security module. The CVE is CVE-2024-32337. Affected component: Settings → S...
CVE-2019-9206
PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. NOTE: This product is discontinued...