Lucene search
K

1138 matches found

Nuclei
Nuclei
added 8 hours ago45 views

WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting

WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php. id: CVE-2017-17059 info: name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress...

6.1CVSS6.4AI score0.03419EPSS
Exploits1References4
NVD
NVD
added 4 days ago9 views

CVE-2026-15300

The GEO my WP plugin for WordPress was vulnerable to SQL Injection via the 'distance', 'lat', and 'lng' parameters in versions up to, and including, 4.5.4. The values were read from $SERVER'QUERYSTRING' via parsestr bypassing wpmagicquotes, which does not cover $SERVER, then passed through bare...

9.1CVSS0.00349EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-55590

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

5.1CVSS5.9AI score0.00578EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1309 Docassemble unauthorized access through URL manipulation

Impact The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. Patches The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...

7.5CVSS7AI score0.69486EPSS
Exploits2References6
Metasploit
Metasploit
added 2026/07/03 7:1 p.m.169 views

Apache .htaccess Persistence

This module writes a persistence payload into an Apache .htaccess file using modcgi. The .htaccess file itself acts as a CGI shell, executing commands passed via the query string. Inspired by the htshells project by wireghoul. Module Options msf use exploit/linux/persistence/apachehtaccess msf...

6AI score
Exploits0
Fedora
Fedora
added 2026/07/01 1:22 a.m.12 views

[SECURITY] Fedora 43 Update: vmod-querystring-2.0.3-11.fc43

The purpose of this module is to give you a fine-grained control over a URL's query-string in Varnish Cache. It's possible to remove the query-string, clean it, sort its parameters or filter it to only keep a subset of them. This can greatly improve your hit ratio and efficiency with Varnish,...

5.6AI score
Exploits0
OSV
OSV
added 2026/06/30 6:9 p.m.4 views

GHSA-G4W6-VMGF-XQVX @cedar-policy/authorization-for-expressjs has an authorization bypass via query string manipulation

Summary @cedar-policy/authorization-for-expressjs is an open-source Express.js middleware that integrates Cedar authorization into Express applications by mapping HTTP requests to Cedar actions and evaluating authorization policies before allowing requests to proceed. An issue exists where, under...

8.8CVSS5.9AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.8 views

qs: qs: Denial of Service via improper input validation in array parsing

A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation e.g., a=value. This bypasses the arrayLimit option, which is designed to limit the size of...

6.3CVSS6.7AI score0.0041EPSS
Exploits1References6
CVE
CVE
added 2026/06/24 8:30 p.m.11 views

CVE-2026-52810

CVE-2026-52810 affects Gogs (Git self-hosted) where the authorization policy is derived from the client-supplied service parameter (e.g., service=git-upload-pack) instead of the actual RPC path. Consequently, requests to the write endpoint /repo.git/git-receive-pack can be treated as read, while ...

7.1CVSS5.9AI score0.00427EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.19 views

PT-2026-52151

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBUDashboard JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from insufficien...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:53 p.m.4 views

CVE-2026-11820

A flaw was found in the community.general Ansible collection's nexmo module. The module constructs HTTP requests to the Vonage/Nexmo SMS API by encoding API credentials apikey and apisecret into URL query parameters and sending them via GET requests. This causes credentials to be exposed in web...

6.5CVSS5.8AI score0.00287EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/23 7:53 p.m.5 views

CVE-2026-11820 Community.general: community.general nexmo — api credentials exposed in get url query string[security] community.general nexmo — api credentials exposed in get url query string

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: apikey and apisecret are declared nolog=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all nolog protection. Vulnerable...

6.5CVSS5.9AI score0.00287EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 7:53 p.m.19 views

CVE-2026-11820

CVE-2026-11820 affects the community.general nexmo module. Credentials api_key and api_secret are declared no_log but are URL-encoded into a GET request, exposing them in the query string (e.g., .../sms/json?api_key=...&api_secret=...). The vulnerability arises because the code constructs the URL...

6.5CVSS5.8AI score0.00287EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/23 7:53 p.m.47 views

CVE-2026-11820 Community.general: community.general nexmo — api credentials exposed in get url query string[security] community.general nexmo — api credentials exposed in get url query string

A flaw was found in the community.general Ansible collection's nexmo module. The module constructs HTTP requests to the Vonage/Nexmo SMS API by encoding API credentials apikey and apisecret into URL query parameters and sending them via GET requests. This causes credentials to be exposed in web...

6.5CVSS0.00287EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 7:53 p.m.11 views

EUVD-2026-38605

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: apikey and apisecret are declared nolog=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all nolog protection. Vulnerable...

6.5CVSS6AI score0.00287EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/23 7:53 p.m.12 views

CVE-2026-11820

A flaw was found in the community.general Ansible collection's nexmo module. The module constructs HTTP requests to the Vonage/Nexmo SMS API by encoding API credentials apikey and apisecret into URL query parameters and sending them via GET requests. This causes credentials to be exposed in web...

6.5CVSS5.8AI score0.00287EPSS
Exploits0References3
Metasploit
Metasploit
added 2026/06/23 7:6 p.m.193 views

Audiobookshelf Unauthenticated API Authentication Bypass Scanner

This module detects Audiobookshelf servers affected by CVE-2025-25205, an unauthenticated authentication bypass. Affected versions 2.17.0 through 2.19.0 decide whether a GET request may skip authentication by testing an unanchored regular expression against the request's full original URL,...

8.2CVSS5.9AI score0.03999EPSS
Exploits2
OSV
OSV
added 2026/06/22 4:56 p.m.2 views

CVE-2026-53538 Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only...

3.7CVSS5.9AI score0.00176EPSS
Exploits0References3
CVE
CVE
added 2026/06/22 4:55 p.m.112 views

CVE-2026-53539

CVE-2026-53539 (Python-Multipart) affects the Python-Multipart streaming multipart parser. Prior to 0.0.30, parsing application/x-www-form-urlencoded bodies used a two-step field separator lookup, causing an O(B^2) worst-case workload per chunk when semicolon is used as the separator and no amper...

7.5CVSS6.1AI score0.00263EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/22 4:55 p.m.1 views

CVE-2026-53539 Python-Multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, when parsing application/x-www-form-urlencoded bodies, QuerystringParser located the field separator with a two step lookup: it first scanned the entire remaining buffer for &, and only when no & existed anywhere ahead...

7.5CVSS6.2AI score0.00263EPSS
Exploits0References3
Rows per page
Query Builder