GHSA-XRWR-FCW6-FMQ8 Weblate: SSRF via Project-Level Machinery Configuration

Impact A user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate makes an HTTP request to the attacker-controlled URL and reflec...

EUVD-2024-55545

The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input parameters, which are then executed by the victim's browser. Successful exploitation can enable an...

PT-2026-33302

The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious script payloads into the input parameters, which are then executed by the victim's browser. Successful exploitation can enable an...

WordPress plugin Customer Reviews for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

XWiki Platform 安全漏洞

The XWiki Platform is an open-source wiki platform used for creating web collaboration applications. Vulnerabilities exist in versions 10.4-rc-1 to 16.10.15, 17.0.0-rc-1 to 17.4.7, and 17.5.0-rc-1 to 17.10.0 of the XWiki Platform. These vulnerabilities stem from a reflection-type cross-site...

WWBN AVideo has a CORS Origin Reflection Bypass via plugin/API/router.php and allowOrigin(true) Exposes Authenticated API Responses

Summary The CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/ endpoints: 1 plugin/API/router.php lines 4-8 unconditionally reflect any origin before application code runs, and 2...

GHSA-FF5Q-CC22-FGP4 WWBN AVideo has a CORS Origin Reflection Bypass via plugin/API/router.php and allowOrigin(true) Exposes Authenticated API Responses

Summary The CORS origin validation fix in commit 986e64aad is incomplete. Two separate code paths still reflect arbitrary Origin headers with credentials allowed for all /api/ endpoints: 1 plugin/API/router.php lines 4-8 unconditionally reflect any origin before application code runs, and 2...

WWBN AVideo has CORS Origin Reflection with Credentials on Sensitive API Endpoints Enables Cross-Origin Account Takeover

Summary The allowOrigin$allowAll=true function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both plugin/API/get.json.php and plugin/API/set.json.php — the primary API...

GHSA-CCQ9-R5CW-5HWQ WWBN AVideo has CORS Origin Reflection with Credentials on Sensitive API Endpoints Enables Cross-Origin Account Takeover

Summary The allowOrigin$allowAll=true function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both plugin/API/get.json.php and plugin/API/set.json.php — the primary API...

Rukovoditel CRM 安全漏洞

Rukovoditel CRM is a web-based customer relationship and business process management system developed by Rukovoditel company. Versions of Rukovoditel CRM 3.6.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the fact that the zdecho parameter in the Zadarma phon...

GHSA-FF24-4PRJ-GPMJ Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint

Summary The /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme or host validation. The server's response is returned directly to the caller. type. This constitutes an...

Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint

Summary The /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme or host validation. The server's response is returned directly to the caller. type. This constitutes an...

CVE-2026-35654

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Microsoft Teams feedback invokes that allows unauthorized senders to record session feedback. Attackers can bypass sender allowlist checks via feedback invoke endpoints to trigger unauthorized feedback recording or...

Lodash 4.17.12 Prototype Pollution Scanner

This tool is a multi-threaded CLI scanner designed to detect potential Prototype Pollution vulnerabilities in web applications using Lodash. It targets endpoints that may improperly handle user-supplied JSON input and perform unsafe object merging operations e.g., via defaultsDeep. The scanner...

Joomla HikaShop 跨站脚本漏洞

Joomla HikaShop is an open-source e-commerce website building and online store management extension developed by HikaShop. Version 4.7.4 of Joomla HikaShop contains a cross-site scripting vulnerability, which stems from improper handling of GET parameters. This vulnerability may lead to...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ?describe page when user-supplied input is reflected in the response without proper sanitization. An attacker can execute JavaScript in the context of a victim's browser by convincing the user to click a...

A Multi-Agent Framework for Automated Exploit Generation with Constraint-Guided Comprehension and Reflection

Open-source libraries are widely used in modern software development, introducing significant security vulnerabilities. While static analysis tools can identify potential vulnerabilities at scale, they often generate overwhelming reports with high false positive rates. Automated Exploit Generatio...

Workbench 跨站脚本漏洞

Workbench is an open-source web tool suite for managing Salesforce data and metadata, developed by Force.com. Versions of Workbench prior to 65.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-type cross-site scripting vulnerability in the...

CVE-2026-34767 Electron: HTTP Response Header Injection in custom protocol handlers and webRequest

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.3, 40.8.3, and 41.0.3, apps that register custom protocol handlers via protocol.handle / protocol.registerSchemesAsPrivileged or modify response headers via...

CVE-2026-34739

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...