CVE-2023-53772
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...
EUVD-2023-60180
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...
CVE-2023-53772
CVE-2023-53772 concerns MiniDVBLinux 5.4 with an arbitrary file disclosure via the about page. The vulnerability arises from improper handling of the GET parameter file used to disclose arbitrary file contents, enabling path traversal to read system files. Public descriptions from multiple source...
PT-2025-50269
Name of the Vulnerable Software and Affected Versions: MiniDVBLinux version 5.4 Description: MiniDVBLinux version 5.4 contains a flaw that allows attackers to read sensitive system files. This is possible through the 'file' GET parameter on the about page, enabling disclosure of arbitrary file...
CVE-2025-13275
CVE-2025-13275 concerns the Iqbolshoh php-business-website up to a rolling release build. All connected sources describe an issue in the file /admin/about.php that permits unrestricted file upload, with exploitation possible remotely. The vulnerability is widely reported as already disclosed publ...
CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla
This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...
CVE-2025-12461
CVE-2025-12461 affects Grupo Castilla Epsilon RH. The issue allows an attacker to access the unprotected path …/epsilonnet/License/About.aspx and disclose license details and product configuration, including installed modules. The root cause is lack of access control on that path. Impact is infor...
Linux Distros Unpatched Vulnerability : CVE-2021-45085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS...
GHSA-6PFC-W86R-54Q6 Welcome and About GeoServer pages communicate version and revision information
Impact: The welcome and about page includes version and revision information about the software in use including library and components used. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Proof of Concept: 1. Welco...
Exploit for CVE-2024-27697
FuguHub 8.4 Authenticated RCE Fuguhub is a Cloud Media Serve...
OESA-2022-1627 epiphany security update
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x...
CVE-2021-41929
Cross Site Scripting (XSS) in Sourcecodester The Electric Billing Management System 1.0 by oretnom23, allows attackers to execute arbitrary code via the about page...
Sourcecodester The Electric Billing Management System Cross-Site Scripting Vulnerability
SourceCodester The Electric Billing Management System is a simple web application for managing customer bills for electric provider companies. A cross-site scripting vulnerability exists in version 1.0 of SourceCodester The Electri...
WordPress Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Membership & Learning Management System...
Cherokee Cross-Site Scripting Vulnerability
Cherokee is an open source web server. A cross-site scripting vulnerability exists in the handlerserverinfo.c file in Cherokee 1.2.104 and earlier versions, which stems from a requested URL not being displayed correctly on the About page. An attacker can use this vulnerability to reconfigure the...
PT-2020-10768 · Cherokee · Cherokee
Name of the Vulnerable Software and Affected Versions: Cherokee versions 1.2.104 and earlier Description: A cross-site scripting (XSS) issue was discovered in the handler server info.c file. The requested URL is improperly displayed on the About page in the default configuration of the web server a...
CVE-2019-20221
In Support Incident Tracker SiT! 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page...