50 matches found
CVE-2026-50552 Koel: Server-Side Request Forgery (SSRF) in radio station creation due to missing validation bail
Koel is a free, open-source music streaming solution. Prior to version 9.7.1, Koel contains a Server-Side Request Forgery SSRF vulnerability in the radio station creation endpoint POST /api/radio/stations. The url field validation rules are declared without the bail keyword, so the...
CVE-2026-50552
Koel (open-source music streaming) is affected prior to version 9.7.1 by a Server-Side Request Forgery (SSRF) in the radio station creation endpoint (POST /api/radio/stations). The url validation rules are declared without bail, allowing the HasAudioContentType rule to issue HTTP requests even af...
PT-2026-48965
Name of the Vulnerable Software and Affected Versions Koel versions prior to 9.7.1 Description An authenticated, non-admin user can cause the server to make HEAD or GET requests to arbitrary internal hosts. This occurs because the validation rules for the url field in the "POST /api/radio/station...
WordPress Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin <= 2.5.9 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Radio Station versions = 2.5.9...
CVE-2024-58277
R Radio Network FM Transmitter 1.07 allows unauthenticated attackers to access the admin user's password through the system.cgi endpoint, enabling authentication bypass and FM station setup access...
EUVD-2024-31401
Malicious code in bioql PyPI...
EUVD-2025-19961
Malicious code in bioql PyPI...
The Mysterious Shortwave Radio Station Stoking US-Russia Nuclear Fears
A popular shortwave Russian radio station dubbed “UVB-76” has been an enigma for decades. But its recent messages have turned it into a tool for Kremlin saber-rattling...
CVE-2025-53568
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli Radio Station radio-station allows Cross Site Request Forgery.This issue affects Radio Station: from n/a through = 2.5.12...
CVE-2025-53568
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli Radio Station radio-station allows Cross Site Request Forgery.This issue affects Radio Station: from n/a through = 2.5.12...
CVE-2025-53568 WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli Radio Station radio-station allows Cross Site Request Forgery.This issue affects Radio Station: from n/a through = 2.5.12...
CVE-2025-53568 WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli Radio Station radio-station allows Cross Site Request Forgery.This issue affects Radio Station: from n/a through = 2.5.12...
CVE-2025-53568
CVE-2025-53568 affects the WordPress plugin Radio Station (Radio Station by netmix) with a CSRF vulnerability in the admin surface for versions
WordPress plugin Radio Station 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress Radio Station, which stems from the application not properly handling user-submitted form data, and no detail...
PT-2025-27892 · Unknown · Tony Zeoli Radio Station
Name of the Vulnerable Software and Affected Versions: Tony Zeoli Radio Station versions 2.5.12 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on the affected system. This vulnerability...
WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Radio Station versions = 2.5.12...
CVE-2024-33689
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli Radio Station radio-station.This issue affects Radio Station: from n/a through = 2.5.7...
Radio Station by netmix® – Manage and play your Show Schedule in WordPress! < 2.5.8 - Cross-Site Request Forgery to Notice Dismissal
Description The Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.7. This is due to missing or incorrect nonce validation on the radiostationnoticedismiss function...
CVE-2024-33689
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli Radio Station radio-station.This issue affects Radio Station: from n/a through = 2.5.7...
CVE-2024-33689 WordPress Radio Station plugin <= 2.5.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Tony Zeoli, Tony Hayes Radio Station.This issue affects Radio Station: from n/a through 2.5.7...