CVE-2025-50690

A Cross-Site Scripting XSS vulnerability exists in SpatialReference.org OSGeo/spatialreference.org versions prior to 2025-05-17 commit 2120adfa17ddd535bd0f539e6c4988fa3a2cb491. The vulnerability is caused by improper handling of user input in the search query parameter. An attacker can craft a...

CVE-2024-33610

"sessionlist.html" and "systrayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session information including session cookies, and "systrayentryreboot.html" allows to reboot the device. As for the details of affected product names, model number...

Brave Browser enters dark web with its own Tor Onion service

By Deeba Ahmed Now Brave browser pages will be accessible on the Dark Web via the Tor gateway. This is a post from HackRead.com Read the original post: Brave Browser enters dark web with its own Tor Onion service...

CVE-2020-12266

An issue was discovered where there are multiple externally accessible pages that do not require any sort of authentication, and store system information for internal usage. The devices automatically query these pages to update dashboards and other statistics, but the pages can be accessed...

CVE-2012-3824

In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization...

LocalTapiola: Oracle WebCenter Sites Support Tools available and Information disclosure (/cs/Satellite)

Oracle WebCenter Sites Support Tools are available in: www.lahitapiola.fi This software is password protected, but some pages are publicly available and reveal internal information. The welcome page is located at: http://www.lahitapiola.fi/henkilo?pagename=Support/Home This page reveal data as th...