PT-2026-41374

Name of the Vulnerable Software and Affected Versions @angular/platform-server versions prior to 22.0.0-next.12 @angular/platform-server versions prior to 21.2.13 @angular/platform-server versions prior to 20.3.21 @angular/platform-server versions prior to 19.2.22 Description A Server-Side Reques...

Bandit trusts client-supplied URI scheme on plaintext connections

Summary Bandit reflects the client-supplied URI scheme into conn.scheme without verifying the actual transport. Over a plaintext HTTP/1.1 connection or h2c, an unauthenticated attacker can send an absolute-form request target like GET https://victim/path HTTP/1.1 and the application observes...

EUVD-2008-2752

Malware in sbrugna...

EUVD-2008-2755

Malware in sbrugna...

Path Confusion

Hono is vulnerable to path confusion leading to proxy-level ACL bypass. The vulnerability is due to reliance on fixed character offsets when parsing request URLs due to incorrect handling of malformed absolute-form Request-URIs; attackers can craft such malformed absolute-form Request-URIs to cau...

XIGLA Absolute Form Processor XE 1.5 'login.asp' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34463/info Absolute Form Processor XE is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...

Absolute Form Processor XE-V 1.5 - (Auth Bypass) SQL Injection Vulnerability

No description provided by source. ----------------------------------------------------- ----------------------------------------------------- Absolute Form Processor XE-V 1.5 auth Bypass Remote Sql Injecion ----------------------------------------------------- Founder: ThE g0bL!NDz Home:...

Absolute Form Processor XE-V 1.5 - Remote Change Pasword Exploit

No description provided by source. title Absolute Form Processor XE-V 1.5 Remote Change Pasword /title body bgcolor=FFFFFF text=000000 form name=form1 method=post action=http://www.xigla.com/absolutefp/demo/edituser.asp table width=96% border=0 cellspacing=2 cellpadding=2 align=center tr...

Authentication flaw

Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

CVE-2008-6863

CVE-2008-6863 : Xigla Software Absolute Form Processor .NET 4.0 contains an authentication bypass. Remote attackers can gain administrative access by setting a specific cookie value. Impact is described as partial confidentiality, integrity, and availability with a CVSS v2 base score of 7.5 (HIGH...

CVE-2009-1504

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

CVE-2009-1504

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

CVE-2009-1504

CVE-2009-1504 affects Absolute Form Processor XE 1.5. The vulnerability allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to “lvl=1&userid=1.” This is supported by NVD/NVD-derived details; CVSS metrics indicate network attack, low co...

Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln

No description provided by source. Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ---------------------------------------------------------- Discovered By: ZoRLu Date: 11.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com msn: [email protected] N0T: Herkes...

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ---------------------------------------------------------- Discovered By: ZoRLu Date: 11.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com msn:...

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling

Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ---------------------------------------------------------- Discovered By: ZoRLu Date: 11.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com msn: [email protected] N0T: Herkes Hecker Olmus :S N0T: if you wanna...

Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln

Exploit for asp platform in category web applications ============================================================== Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ============================================================== Absolute Form Processor XE-V 1.5 Insecure Cookie...

Absolute Form Processor XE-V 1.5 Password Changer

Absolute Form Processor XE-V 1.5 Remote Change Pasword Home:http://www.xigla.com E-mail : Username : Password : input type="password" name="pwd" size="40" value...

Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit

Exploit for asp platform in category web applications ============================================================== Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit ============================================================== Absolute Form Processor XE-V 1.5 Remote Change Pasword...

Absolute Form Processor XE-V 1.5 auth Bypass SQL Injection Vuln

Absolute Form Processor XE-V 1.5 auth Bypass SQL Injection Vuln. Webapps exploit for asp platform ----------------------------------------------------- ----------------------------------------------------- Absolute Form Processor XE-V 1.5 auth Bypass Remote Sql Injecion...