GHSA-V8WJ-F5C7-PVXF Strapi allows Server-Side Request Forgery in Webhook function
Description: In the latest version of Strapi, the Settings - Webhooks function allows a URL to be entered in order to create a Webhook connection. However, local domains such as localhost, 127.0.0.1, 0.0.0.0, ... can be entered into this field in order to make the application fetch...
PT-2025-5234 · Unknown · Basteln3Rk Save & Import Image From Url
Name of the Vulnerable Software and Affected Versions: basteln3rk Save & Import Image from URL versions n/a through 0.7 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. This allows for Reflected XSS in the Save...
PT-2024-9549 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: The issue is related to a DOM-based Cross-Site Scripting XSS vulnerability. It could be exploited by an attacker to execute arbitrary code in the context of the victim's browse...
streamlit-geospatial code issue vulnerability
streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A code issue vulnerability exists in streamlit-geospatial that stems from pages/7? The url variable in WebMapService.py accepts user input that is passed to the getlayers...
streamlit-geospatial code issue vulnerability
streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A code issue vulnerability exists in streamlit-geospatial that stems from pages/9? The url variable in VectorDataVisualization.py accepts user input, which is then passed...
PT-2024-23903 · Parisneo · Lollms-Webui
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui versions prior to 9.5 Description: A command injection issue exists due to the improper neutralization of special elements in an OS command within the run xtts api server function of the lollms xtts.py script. This allow...
UBUNTU-CVE-2024-29041
Express.js is a minimalist web framework for Node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an...
Cross-site Scripting (XSS)
getkirby/cms is vulnerable to Cross-site Scripting XSS. The vulnerability is due to insufficient validation and sanitization of the URL input, allowing attackers to execute arbitrary JavaScript code in the user's context by embedding a malicious javascript: URL in the link target of a link button...
CVE-2024-26148
Querybook is a user interface for querying big data. Prior to version 3.31.1, there is a vulnerability in Querybook's rich text editor that enables users to input arbitrary URLs without undergoing necessary validation. This particular security flaw allows the use of javascript: protocol which can...
CVE-2024-26148
CVE-2024-26148 affects Querybook prior to v3.31.1, where the rich text editor accepts arbitrary URLs without validation, enabling the use of the javascript: protocol and potentially triggering client-side execution. The most severe impact could allow an admin to be compromised via a crafted XSS U...
WordPress Plugin PowerPack Addons for Elementor Cross-Site Scripting Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. A WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Server side request forgery (ssrf)
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in its admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the site's internal network...
CVE-2023-1977 Booking Manager < 2.0.29 - Subscriber+ SSRF
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in its admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the site's internal network...
Reflected XSS in URL path of '/admin/controllers/edit/activity/perms/'
Description: /admin/controllers/edit/activity/perms/ takes input from the URL directly without sufficient sanitization, leading to a Reflected XSS. A valid admin session is required; without it, the user is brought to the login page instead of the affected page. Proof of Concept 1. Login as an...
CVE-2023-33731
Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the URL directly...
Internet Bug Bounty: Open Redirect Vulnerability in Action Pack
An open redirect vulnerability was discovered in Action Pack, specifically in the redirect_to helper function. This vulnerability allowed an attacker to craft a URL that could bypass the protection against open redirects introduced in Rails 7.0. The vulnerability was fixed i...
CVE-2023-23943 Blind SSRF via server URL input in the Nextcloud Mail app
Nextcloud Mail is an email app for the Nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields could be used to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Mail app is...
PT-2022-17591 · Unknown · Lite-Dev-Server
Name of the Vulnerable Software and Affected Versions: lite-dev-server, all versions Description: The issue arises due to missing input sanitization and the employment of sandboxes for the req.url user input that is passed to the server code, leading to Directory Traversal. Recommendations: For all...
CVE-2022-41945 Remote Code Execution (RCE) vulnerability in super-xray via URL input
super-xray is a vulnerability scanner xray GUI launcher. In version 0.1-beta, the URL is not filtered and directly spliced into the command, resulting in a possible RCE vulnerability. Users should upgrade to super-xray 0.2-beta...