9 matches found
Allocation of Resources Without Limits or Throttling
Overview youtube-regex is a The correct Youtube video id regex! Regex done right! Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the regex param. An attacker can cause excessive resource consumption by supplying crafted input that...
CVE-2026-2277 rexCrawler <= 1.0.15 - Reflected Cross-Site Scripting via 'url' and 'regex' Parameters
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2277
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2277 rexCrawler <= 1.0.15 - Reflected Cross-Site Scripting via 'url' and 'regex' Parameters
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2026-26829
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-49505
Summary: CVE-2024-49505 is a reflected-cross-site scripting (XSS) vulnerability in openSUSE Tumbleweed MirrorCache. The issue arises from improper input neutralization in the web page generation process, specifically affecting the REGEX and P parameters. Affected versions are MirrorCache before 1...
PT-2024-33540 · Opensuse · Opensuse Tumbleweed Mirrorcache
Name of the Vulnerable Software and Affected Versions: openSUSE Tumbleweed MirrorCache versions prior to 1.083 Description: A Cross-site Scripting vulnerability exists in openSUSE Tumbleweed MirrorCache, allowing the execution of arbitrary JavaScript via reflected XSS in the REGEX and P parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 project name parameter to project.php; the 2 usejs parameter to user.php; the 3 usejs parameter to group.php; the 4...
CVE-2015-2144
Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 project name parameter to project.php; the 2 usejs parameter to user.php; the 3 usejs parameter to group.php; the 4...