Lucene search
13 matches found

NVD
added 2026/05/20 2:16 a.m., 10 views

CVE-2026-6394

The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...

5.4 CVSS, 0.001 EPSS
Exploits: 0, References: 7
EUVD
added 2026/05/20 1:25 a.m., 6 views

EUVD-2026-31033

The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery (SSRF) in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...

5.4 CVSS, 5.9 AI score, 0.001 EPSS
Exploits: 0, References: 7
AlpineLinux
added 2026/05/05 7:56 p.m., 8 views

CVE-2026-35527

Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...

6.4 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits: 2, References: 2
NVD
added 2026/02/18 2:16 p.m., 1 view

CVE-2026-1436

Improper Access Control (IDOR) in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other users' profiles without proper authorization checks. Exploiting this vulnerability allows valid users of the system to be listed and sensitive...

7.1 CVSS, 0.00042 EPSS
Exploits: 0, References: 1
NVD
added 2026/01/14 6:15 a.m., 1 view

CVE-2025-14613

The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0. This is due to the plugin using wp_remote_get instead of wp_safe_remote_get to fetch content from a user-supplied URL in the 'url' parameter of the gcfu shortcode. This...

7.2 CVSS, 0.00014 EPSS
Exploits: 0, References: 3
Cvelist
added 2025/11/18 8:53 a.m., 5 views

CVE-2025-26391 SolarWinds Observability Self-Hosted XSS Vulnerability

SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level account...

5.4 CVSS, 0.00017 EPSS
Exploits: 0, References: 2
Veracode
added 2025/10/30 11:22 a.m., 13 views

Improper Neutralization Of Escape, Meta, Or Control Sequences

Apache Tomcat is vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences vulnerability. The vulnerability is due to Tomcat logging unescaped, user-controlled URL data to console output, and attackers can use specially crafted URLs to inject ANSI escape sequences to manipulate...

9.6 CVSS, 7 AI score, 0.00135 EPSS
Exploits: 0, References: 11, Affected Software: 4
RedhatCVE
added 2025/05/22 9:20 p.m., 4 views

CVE-2021-23888

Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user...

6.3 CVSS, 6.2 AI score, 0.005 EPSS
Exploits: 0, References: 1
CNNVD
added 2024/04/19 12:0 a.m., 1 view

Mealie Security Vulnerability

Mealie is a self-hosted recipe manager and meal planner from an individual developer in Hayden, USA. A security vulnerability exists in Mealie versions prior to 1.4.0 that stems from a safe_scrape_html function that utilizes a user-controlled URL to make requests to a remote server that are not...

6.5 CVSS, 6.8 AI score, 0.00148 EPSS
Exploits: 0, References: 5
OSV
added 2024/03/25 9:15 p.m., 0 views

UBUNTU-CVE-2024-29041

Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an...

6.1 CVSS, 6.7 AI score, 0.00154 EPSS
Exploits: 0, References: 9
NVD
added 2022/05/16 5:15 p.m., 9 views

CVE-2021-23266

An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator...

4.3 CVSS, 0.00243 EPSS
Exploits: 0, References: 1
Hacker One
added 2015/11/19 7:35 p.m., 74 views

Pornhub: [xss, pornhub.com] /user/[username], multiple parameters

The researcher identified that the following URL for the Pornhub user was vulnerable to reflected/semi-stored cross site scripting, which enabled the researcher to craft a URL that pops an alert box upon mousing over the language selection at bottom of page. The affected url can be seen below:...

0.5 AI score
Exploits: 0
Packet Storm
added 2009/07/24 12:0 a.m., 19 views

Joomla User URL Redirection

Joomla Component com_user view Url Redirection. Software: Joomla. Author: 599eme Man. Contact: [email protected]. Thanks: Moudi, Neocoderz, Sheiry,...

7.4 AI score
Exploits: 0