PT-2026-41374

Name of the Vulnerable Software and Affected Versions @angular/platform-server versions prior to 22.0.0-next.12 @angular/platform-server versions prior to 21.2.13 @angular/platform-server versions prior to 20.3.21 @angular/platform-server versions prior to 19.2.22 Description A Server-Side Reques...

Bandit trusts client-supplied URI scheme on plaintext connections

Summary Bandit reflects the client-supplied URI scheme into conn.scheme without verifying the actual transport. Over a plaintext HTTP/1.1 connection or h2c, an unauthenticated attacker can send an absolute-form request target like GET https://victim/path HTTP/1.1 and the application observes...

EUVD-2008-2752

Malware in sbrugna...

EUVD-2008-2755

Malware in sbrugna...

Path Confusion

Hono is vulnerable to path confusion leading to proxy-level ACL bypass. The vulnerability is due to reliance on fixed character offsets when parsing request URLs due to incorrect handling of malformed absolute-form Request-URIs; attackers can craft such malformed absolute-form Request-URIs to cau...

Absolute Form Processor XE-V 1.5 - (Auth Bypass) SQL Injection Vulnerability

No description provided by source. ----------------------------------------------------- ----------------------------------------------------- Absolute Form Processor XE-V 1.5 auth Bypass Remote Sql Injecion ----------------------------------------------------- Founder: ThE g0bL!NDz Home:...

Absolute Form Processor XE-V 1.5 - Remote Change Pasword Exploit

No description provided by source. title Absolute Form Processor XE-V 1.5 Remote Change Pasword /title body bgcolor=FFFFFF text=000000 form name=form1 method=post action=http://www.xigla.com/absolutefp/demo/edituser.asp table width=96% border=0 cellspacing=2 cellpadding=2 align=center tr...

XIGLA Absolute Form Processor XE 1.5 'login.asp' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34463/info Absolute Form Processor XE is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...

Authentication flaw

Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

CVE-2008-6863

CVE-2008-6863 : Xigla Software Absolute Form Processor .NET 4.0 contains an authentication bypass. Remote attackers can gain administrative access by setting a specific cookie value. Impact is described as partial confidentiality, integrity, and availability with a CVSS v2 base score of 7.5 (HIGH...

CVE-2009-1504

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

CVE-2009-1504

CVE-2009-1504 affects Absolute Form Processor XE 1.5. The vulnerability allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to “lvl=1&userid=1.” This is supported by NVD/NVD-derived details; CVSS metrics indicate network attack, low co...

CVE-2009-1504

Absolute Form Processor XE 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."...

Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln

No description provided by source. Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ---------------------------------------------------------- Discovered By: ZoRLu Date: 11.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com msn: [email protected] N0T: Herkes...

Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln

Exploit for asp platform in category web applications ============================================================== Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ============================================================== Absolute Form Processor XE-V 1.5 Insecure Cookie...

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ---------------------------------------------------------- Discovered By: ZoRLu Date: 11.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com msn:...

Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit

Exploit for asp platform in category web applications ============================================================== Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit ============================================================== Absolute Form Processor XE-V 1.5 Remote Change Pasword...

Absolute Form Processor XE-V 1.5 auth Bypass SQL Injection Vuln

Absolute Form Processor XE-V 1.5 auth Bypass SQL Injection Vuln. Webapps exploit for asp platform ----------------------------------------------------- ----------------------------------------------------- Absolute Form Processor XE-V 1.5 auth Bypass Remote Sql Injecion...

Absolute Form Processor XE-V 1.5 - Remote Change Password

Absolute Form Processor XE-V 1.5 Remote Change Pasword Home:http://www.xigla.com E-mail : Username : Password : td wid...

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling

Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln ---------------------------------------------------------- Discovered By: ZoRLu Date: 11.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com msn: [email protected] N0T: Herkes Hecker Olmus :S N0T: if you wanna...