43 matches found
EUVD-2013-0932
Malware in sbrugna...
EUVD-2020-13257
Malware in sbrugna...
EUVD-2017-5304
Malware in sbrugna...
EUVD-2015-0704
Malware in sbrugna...
EUVD-2016-0309
Malware in sbrugna...
EUVD-2016-8444
Malware in sbrugna...
EUVD-2016-2803
Malware in sbrugna...
CVE-2025-57965
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP CodeUs WP Proposals wp-proposals allows Stored XSS.This issue affects WP Proposals: from n/a through = 2.3...
CVE-2025-55473
Asian Arts Talents Foundation AATF Website v5.1.x and Docker version 2024.12.8.1 are vulnerable to Cross Site Scripting XSS. The vulnerability exists in the /ip.php endpoint, which processes and displays the X-Forwarded-For HTTP header without proper sanitization or output encoding. This allows a...
CVE-2024-49796 IBM ApplinX Clickjacking
IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim...
Session is not expiring after password resetting
Description Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs, in this case the session is not getting expired after the password change Proof of Concept 1. Open http://localhost:8188/studio/profile in 2 browsers I use Firefox a...
CVE-2020-20470
CVE-2020-20470 affects White Shark System (WSS) 1.3.2. The issue is described as a website physical path leakage/disclosure vulnerability in WSS 1.3.2, with NVD metrics showing a medium base score (CVSS 2.0: 5.0; CVSS 3.1: 5.3) and network attack vector with low complexity. Connected sources cons...
easyquick Directory Traversal Vulnerability
easyquick is a web server. A directory traversal vulnerability exists in easyquick. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...
Charter Sports Administrator Login Bypass Vulnerability
Charter Sports is a website system developed in php. Charter Sports has an administrator page login bypass vulnerability. An attacker can use this vulnerability to log in directly to the backend and gain administrator privileges...
CVE-2018-4085
CVE-2018-4085 affects Apple devices via the QuartzCore component. A memory corruption issue in processing web content could allow remote code execution or cause a denial of service (application crash). Affected: iOS before 11.2.5, macOS before 10.13.3, tvOS before 11.2.5, watchOS before 4.2.2. Mi...
CVE-2018-6360
mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdlhook.lua. For example, an av://lavfi:ladspa=file= UR...
SQL Injection Vulnerability in Xi'an Hongbo Network Technology Co.
Xi'an Hongbo Network Technology Co., Ltd. is a professional design team integrating network preparation, digital film and television production, and brand visual design. Xi'an Hongbo Network Technology Co., Ltd. website construction system suffers from SQL injection vulnerability. Attackers can...
CVE-2016-7181
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."...
CVE-2016-1708
The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified...
CVE-2016-1701
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted w...