3 matches found
CVE-2025-58362 Hono contains a flaw in URL path parsing, potentially leading to path confusion
Hono is a Web application framework that provides support for any JavaScript runtime. Versions 4.8.0 through 4.9.5 contain a flaw in the getPath utility function which could allow path confusion and potential bypass of proxy-level ACLs e.g. Nginx location blocks. The original implementation relie...
ZoneMinder 跨站脚本漏洞
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, among others. A security vulnerability exists in ZoneMinder version 1.36.12, which stems from an issue containing stored cross-site scripting XSS that allows an attacker to execute HTM...
WordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/27572/info WP-Footnotes plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. The plugin also insecurely exposes administrative functionality. An attacker may...