Lucene search

20 matches found

CNNVD
added 2026/05/03 12:0 a.m. · 3 views

WordPress plugin NEX-Forms cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.2 CVSS · 5.8 AI score · 0.00031 EPSS
Exploits: 0 · References: 1
CNNVD
added 2026/04/14 12:0 a.m. · 4 views

School-Management-System security vulnerability

School-Management-System is a school management system developed by Lahiru Danushka. Version 1.0 of School-Management-System has security vulnerabilities, which stem from improper handling of email POST parameters in the file /studentms/admin/contact-us.php. This could lead to reflection-type...

6.1 CVSS · 5.6 AI score · 0.00034 EPSS
Exploits: 1 · References: 1
RedhatCVE
added 2026/04/03 10:29 p.m. · 3 views

CVE-2025-58136

A flaw was found in Apache Traffic Server. A remote attacker can exploit a bug in the POST request handling mechanism, which, under certain conditions, causes the server to crash. This vulnerability can lead to a Denial of Service (DoS), making the affected service unavailable to legitimate users...

7.5 CVSS · 5.9 AI score · 0.00406 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2026/03/12 12:0 a.m. · 1 views

PT-2026-24931

A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...

9 CVSS · 6.3 AI score · 0.00112 EPSS
Exploits: 1 · References: 8
Vulnrichment
added 2026/01/05 11:19 p.m. · 2 views

CVE-2025-69227 AIOHTTP vulnerable to DoS when bypassing asserts

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled (-O or PYTHONOPTIMIZE=1), and the...

8.7 CVSS · 6.5 AI score · 0.00026 EPSS
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-18805

Malicious code in bioql PyPI...

9 CVSS · 8.8 AI score · 0.01357 EPSS
Exploits: 1 · References: 6
CNNVD
added 2025/09/28 12:0 a.m. · 2 views

itsourcecode Hostel Management System code injection vulnerability

itsourcecode Hostel Management System is an open source hostel management system from itsourcecode. A code injection vulnerability exists in version 1.0 of itsourcecode Hostel Management System, which stems from improper manipulation of the parameter from in the component POST Request Handler in...

6.1 CVSS · 4.9 AI score · 0.00042 EPSS
Exploits: 1 · References: 6
Tenable Nessus
added 2025/09/10 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-20110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker on the network can statically configure their IP address to matc...

10 CVSS · 7.5 AI score · 0.01682 EPSS
Exploits: 0 · References: 2
CNNVD
added 2025/06/06 12:0 a.m. · 2 views

TOTOLINK X15 security vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formDosCfg parameter submit-url to properly validate the length and size of the input data in the...

9 CVSS · 8.1 AI score · 0.00982 EPSS
Exploits: 0 · References: 5
CNNVD
added 2025/05/16 12:0 a.m. · 1 views

TOTOLINK A3002RU and TOTOLINK A3002R security vulnerability

The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU suffer from a buffer overflow vulnerability that stems from improper handling of the file /boafrm/formIpQoS in the HTTP POST request handler. No...

9 CVSS · 7.3 AI score · 0.00982 EPSS
Exploits: 0 · References: 6
OSV
added 2021/08/09 10:15 a.m. · 2 views

CVE-2021-24522

The User Registration, User Profile, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.11's widget for tabbed login/register was not properly escaped and could be used in an XSS attack which could lead to wp-admin access. Further, the plugin in several places...

6.1 CVSS · 5.8 AI score
Exploits: 0 · References: 1
OSV
added 2020/07/06 5:11 p.m. · 0 views

USN-4415-1 coturn vulnerabilities

Felix Dörre discovered that coTURN response buffer is not initialized properly. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-4067) It was discovered that coTURN web server incorrectly handled HTTP POST requests. An attacker could possibly use this issue to...

9.8 CVSS · 7.3 AI score · 0.08329 EPSS
Exploits: 2 · References: 4
OSV
added 2020/05/04 2:15 a.m. · 1 views

DEBIAN-CVE-2020-12626

An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered...

6.5 CVSS · 7 AI score · 0.01288 EPSS
Exploits: 1 · References: 1
0day.today
added 2014/06/14 12:0 a.m. · 16 views

ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation

Exploit for php platform in category web applications import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zero_transact_user.php Improper Form post handling, parameter pollution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: email protected Tested on: php 5.4....

7.1 AI score
Exploits: 0
Positive Technologies
added 2012/06/18 12:0 a.m. · 4 views

PT-2012-2901 · Python +3

Name of the Vulnerable Software and Affected Versions: Python versions prior to 2.6.8 Python versions 2.7.x prior to 2.7.3 Python versions 3.x prior to 3.1.5 Python versions 3.2.x prior to 3.2.3 Description: The issue allows remote attackers to cause a denial of service, resulting in infinite loo...

10 CVSS · 6.6 AI score · 0.91789 EPSS
Exploits: 71 · References: 303
OpenVAS
added 2011/07/22 12:0 a.m. · 21 views

Google Chrome 'GetWidget' methods DoS Vulnerability - Linux

Google Chrome is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3 CVSS · 6.2 AI score · 0.01049 EPSS
Exploits: 1 · References: 3
OSV
added 2008/09/04 5:41 p.m. · 1 views

DEBIAN-CVE-2008-3909

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

5.8 CVSS · 7 AI score · 0.00383 EPSS
Exploits: 0 · References: 1
Exploit DB
added 2003/09/24 12:0 a.m. · 14 views

NullLogic Null HTTPd 0.5 - Remote Denial of Service

source: https://www.securityfocus.com/bid/8697/info Null HTTPd has been reported prone to a remotely triggered denial of service vulnerability. The issue has been reported to present itself in the HTTP POST handling routines within the Null HTTPd server. It has been reported that a remote attacke...

7.4 AI score
Exploits: 0
exploitpack
added 2003/09/24 12:0 a.m. · 12 views

NullLogic Null HTTPd 0.5 - Remote Denial of Service

NullLogic Null HTTPd 0.5 - Remote Denial of Service source: https://www.securityfocus.com/bid/8697/info Null HTTPd has been reported prone to a remotely triggered denial of service vulnerability. The issue has been reported to present itself in the HTTP POST handling routines within the Null HTTP...

7.4 AI score
Exploits: 0
Slackware Linux
added 2002/03/02 11:11 p.m. · 9 views

mod_php update fixes security problems

A new mod_php PHP4 package is available to fix security problems. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Sat Mar 2 22:45:25 PST 2002 patches/packages/mod_php.tgz: Upgraded to PHP 4.1.2. This fixes several security problems in the POST handling code use...

7 AI score
Exploits: 0