UBUNTU-CVE-2024-38863

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions 2.3.0p18, 2.2.0p35 and 2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks...

CVE-2024-9237

The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for...

Remote Code Execution

dtale is vulnerable to Remote Code Execution RCE via the runquery function. The vulnerability is due to improper sanitization of the query parameter. An attacker can execute arbitrary code on the server by sending malicious input...

D-Tale Command Execution Vulnerability

D-Tale is the combination of a Flask back-end and a React front-end to bring you an easy way to view & analyze Pandas data structures. In dtale\views.py, under the route @dtale.route"/chart-data/", the query parameters from the request are directly passed into runquery for execution. And...

PT-2024-39211 · WordPress · Roles & Capabilities

Name of the Vulnerable Software and Affected Versions: Roles & Capabilities plugin for WordPress versions up to, and including, 1.1.9 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This allows...

PT-2024-39212 · WordPress · Lucas String Replace

Name of the Vulnerable Software and Affected Versions: Lucas String Replace plugin for WordPress versions up to, and including, 2.0.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web scripts...

Security Bulletin: Vulnerabilities in Golang Go affect watsonx.data

Summary Golang Go has multiple vulnerabilities that include HTTP injection, remote attacks to conduct query parameter smuggling, remote attackd to bypass security restrictions, and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-32189 DESCRIPTION:...

ZoneMinder 安全漏洞

ZoneMinder is an open source video surveillance software system from ZoneMinder Open Source. The system supports IP, USB and analog cameras, among others. A security vulnerability exists in ZoneMinder versions prior to 1.36.34, which stems from not cleaning up query parameters and is vulnerable t...

Atlassian Confluence 1.0.1 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-95942)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95942 advisory. - Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the...

golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...

GHSA-MVF6-3F2G-XFXF endroid/qr-code-bundle File Disclosure via logo_path query parameter

Versions of endroid/qr-code-bundle prior to 3.4.2 are affected by a security vulnerability that allows disclosure of files through the logopath query parameter. The vulnerability arises from the improper handling of non-image data as the logo, which could lead to unintended file disclosure...

Drupal Anonymous Open Redirect

Drupal core and contributed modules frequently use a "destination" query string parameter in URLs to redirect users to a new destination after completing an action on the current page. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users int...

CVE-2024-28866 GoCD vulnerable to reflected Cross-site Scripting possible on server loading page during start-up

GoCD is a continuous delivery server. GoCD versions from 19.4.0 to 23.5.0 inclusive are potentially vulnerable to a reflected cross-site scripting vulnerability on the loading page displayed while GoCD is starting, via abuse of a redirectto query parameter with inadequate validation. Attackers...

CVE-2024-34532

A SQL injection vulnerability in Yvan Dotet PostgreSQL Query Deluxe module aka querydeluxe 17.x before 17.0.0.4 allows a remote attacker to gain privileges via the query parameter to models/querydeluxe.py:QueryDeluxe::getresultfromquery...

PT-2024-25952 · Yvan Dotet · Postgresql Query Deluxe

Name of the Vulnerable Software and Affected Versions: Yvan Dotet PostgreSQL Query Deluxe module versions 17.x before 17.0.0.4 Description: A SQL injection issue allows a remote attacker to gain privileges via the query parameter to models/querydeluxe.py:QueryDeluxe::get result from query. This...

CVE-2023-6787 Keycloak: session hijacking via re-authentication

A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login," prompting the user to re-enter...

CVE-2024-28722

CVE-2024-28722 affects Innovaphone myPBX v12r2–14r1. A cross-site scripting flaw allows a remote attacker to trigger arbitrary code execution via the query parameter to /CMD0/xml_modes.xml. Impact notes from sources indicate web UI/scriptable context with potential credential concerns in related ...

PT-2024-22540 · Innovaphone · Innovaphone Pbx

Name of the Vulnerable Software and Affected Versions: Innovaphone myPBX versions 12r2 through 14r1 Description: The issue allows a remote attacker to execute arbitrary code via the query parameter to the "/CMD0/xml modes.xml" endpoint. This enables the attacker to perform actions such as injecti...

CVE-2024-28722

Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xmlmodes.xml endpoint...

Keycloak vulnerable to session hijacking via re-authentication

A flaw was found in Keycloak. An active keycloak session can be hijacked by initiating a new authentication having the query parameter prompt=login and forcing the user to enter his credentials once again. If the user cancels this re-authentication by clicking Restart login, the account takeover...