PT-2025-26521 · Unknown · Simple Online Hotel Reservation System

Name of the Vulnerable Software and Affected Versions: Simple Online Hotel Reservation System version 1.0 Description: A critical issue was found in the Simple Online Hotel Reservation System, affecting some unknown functionality of the file /admin/edit query account.php. The manipulation of the...

CVE-2024-47080 matrix-js-sdk keys sent via `sendSharedHistoryKeys` vulnerable to interception by malicious homeserver

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. In matrix-js-sdk versions versions 9.11.0 through 34.7.0, the method MatrixClient.sendSharedHistoryKeys is vulnerable to interception by malicious homeservers. The method was introduced by MSC3061 and is commonly used to...

PT-2024-21781 · Ibm · Ibm Integration Bus For Z/Os

Name of the Vulnerable Software and Affected Versions: IBM Integration Bus for z/OS versions 10.1 through 10.1.0.3 Description: The issue is related to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website...

CVE-2022-2691

A vulnerability, which was classified as problematic, has been found in SourceCodester Wedding Hall Booking System. Affected by this issue is some unknown functionality of the file /whbs/?page=manageaccount of the component Profile Page. The manipulation leads to cross site scripting. The attack...

Chicago Tribune Cross Site Scripting

Title: Chicago Tribune reflected Cross Site Scripting vulnerability Vendor: Chicago Tribune http://www.chicagotribune.com/ Description: mobile.chicagotribune.com suffers from a reflected Cross-site Scripting XSS vulnerability. Advisory time-line:...