EUVD-2022-7578

Malicious code in bioql PyPI...

EUVD-2022-6152

Malicious code in bioql PyPI...

GHSA-QM9P-F9J5-W83W Parcel has an Origin Validation Error vulnerability

parcel versions 1.6.1 and above have an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them. Version 2.16.4 supports a --no-cors option which disables CORS...

CVE-2025-56648

npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them...

Linux Distros Unpatched Vulnerability : CVE-2021-31597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized when the property exists but ...

Linux Distros Unpatched Vulnerability : CVE-2020-28502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously async=False on...

Malicious code in avalon-plugin-xmlhttprequest (npm)

The package avalon-plugin-xmlhttprequest was found to contain malicious code...

MAL-2025-15190 Malicious code in avalon-plugin-xmlhttprequest (npm)

The package avalon-plugin-xmlhttprequest was found to contain malicious code...

Open Redirect

Overview urllib3 is a HTTP library with thread-safe connection pooling, file post, and more. Affected versions of this package are vulnerable to Open Redirect when used within a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest, due to the retries and redirect...

CVE-2022-28803

In SilverStripe Framework through 2022-04-07, Stored XSS can occur in javascript link tags added via XMLHttpRequest XHR...

CVE-2021-24167

When visiting a site running Web-Stat 1.4.0, the "wtswebstatloadinit" function used the visitor’s browser to send an XMLHttpRequest request to https://wts2.one/ajax.htm?action=lookupWPaccount...

CVE-2019-15138

The html-pdf package 2.2.0 for Node.js has an arbitrary file read vulnerability via an HTML file that uses XMLHttpRequest to access a file:/// URL...

CVE-2019-11593

In Adblock Plus before 3.5.2, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect...

Exploit for Cross-site Scripting in Roundcube Webmail

Exploit Title: Roundcube mail server exploit for CVE-2024-373...

CentOS 7 : firefox (RHSA-2021:5014)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:5014 advisory. - Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported...

CentOS 7 : thunderbird (RHSA-2021:5046)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:5046 advisory. - Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported...

Vehicle Service Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Vehicle Service Management System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...

Online Eyewear Shop 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Online Eyewear Shop v1.0 CSRF Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0...

PHP ACRSS 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : php acrss 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64 bits | ...

Prison Management System 1.0 Add Administrator

============================================================================================================================================= | Title : Prison Management System v1.0 Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...