26 matches found
CVE-2026-8125
The affected software is code-projects Simple Chat System 1.0. Vulnerable component: sendMessage.php. Root cause: improper validation of argument type/length/business parameter validity leading to SQL injection. Attack could be launched remotely and the exploit is publicly available. CVSS metrics...
PT-2026-38629
Name of the Vulnerable Software and Affected Versions Simple Chat System version 1.0 Description An issue exists in the 'sendMessage.php' file where improper manipulation of argument type, length, or business parameter validity allows for SQL injection. This flaw can be exploited remotely...
EUVD-2026-19021
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
CVE-2026-5536
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
CVE-2026-5536
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
CVE-2026-5536 FedML-AI FedML gRPC server grpc_server.py sendMessage deserialization
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
CVE-2026-5536 FedML-AI FedML gRPC server grpc_server.py sendMessage deserialization
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpcserver.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
PT-2026-30407
A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpc server.py of the component gRPC server. Executing a manipulation can lead to deserialization. The attack may be performed from remote. The vendor was contacted early about this...
FEDML 代码问题漏洞
FEDML is a unified and scalable machine learning training and deployment library open source by TensorOpera. Versions of FedML 0.8.9 and earlier have code vulnerabilities, which stem from a deserialization issue in the sendMessage function...
EUVD-2022-28987
Malicious code in bioql PyPI...
CVE-2022-24074
Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises...
Withdrawal with gas limit more than 28_750_517 can never be executed with CrossDomainMessenger
Lines of code Vulnerability details Impact Withdrawal with gas limit more than 28750517 can never be executed with CrossDomainMessenger. User that will initiate such withdrawal will loose his funds and will not be able to execute the withdrawal, because of reaching maximum block gas limit. Proof ...
PT-2022-16453 · Unknown · Whale Bridge +1
Name of the Vulnerable Software and Affected Versions: Whale browser versions prior to 3.12.129.18 Description: The issue allows Whale Bridge, a default extension in Whale browser, to receive any SendMessage request from the content script itself. This could lead to controlling Whale Bridge if th...
Rocket.Chat: User Impersonation through sendMessage options
The Meteor call "sendMessage" allowed clients to use custom avatar and alias parameters, which could be used to impersonate other chat room members. This vulnerability has been patched...
The Windows kernel mention the right Vulnerability, CVE-2 0 1 4-4 1 1 3 analysis report-vulnerability warning-the black bar safety net
0x00 vulnerability background Recently, CrowdStrike team found Win64bit2008 R2 Server on the system there is a suspicious attack behavior and capture to the associated samples. Baidu security attack and Defense laboratories to the outside world release of the poc for the research, the vulnerabili...
MS13-005 Proof Of Concept
/ ms13-005-funz-poc.cpp - Drive a Medium IL cmd.exe via a Low IL process and message broadcasted Copyright C 2012 Axel "0vercl0k" Souchet - http://www.twitter.com/0vercl0k This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as...
Windows Win32k Pointer Dereferencement PoC (MS10-098)
Exploit for windows platform in category dos / poc / MS10-098 CVE-2010-3944 Microsoft Windows Win32k pointer dereferencement -------------------- Affected Software ------------------------ Microsoft Windows 7 / 2008 -------------------- Consequences ----------------------- An unprivileged user ma...
CVE-2008-6631
Multiple cross-site scripting XSS vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 user parameter in a sendmessage action and the 2 username parameter when registering a new user, different vectors than CVE-2008-0679...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 user parameter in a sendmessage action and the 2 username parameter when registering a new user, different vectors than CVE-2008-0679...
CVE-2008-6631
Multiple cross-site scripting XSS vulnerabilities in index.php in BlogPHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 user parameter in a sendmessage action and the 2 username parameter when registering a new user, different vectors than CVE-2008-0679...