
6 matches found

Positive Technologies
added 2026/05/05 12:0 a.m., 13 views

PT-2026-36937

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update document/continue document/delete document/get content of the file app/routes/document.py. Performing a manipulation of the argument DOCS...

7.5 CVSS, 5.5 AI score, 0.0041 EPSS
Exploits: 0, References: 6
Prion
added 2024/01/23 6:15 p.m., 18 views

Server-side request forgery (SSRF)

Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the element method in app/routes.py does not validate the user-controlled srctype and elementurl variables and passes them to the send method which sends a GET request on lines 339-343 in request.py, which leads to a...

7.5 CVSS, 6.9 AI score, 0.01003 EPSS
Exploits: 1, References: 7, Affected Software: 1
CNNVD
added 2024/01/23 12:0 a.m., 4 views

whoogle-search Cross-Site Scripting Vulnerability

whoogle-search is a software application. Self-hosted, ad-free, privacy-respecting meta-search engine. A cross-site scripting vulnerability exists in whoogle-search versions prior to 0.8.4, which stems from the element method in app/routes.py that does not validate user-controlled srctype and...

6.1 CVSS, 6 AI score, 0.0063 EPSS
Exploits: 1, References: 9
CNNVD
added 2024/01/23 12:0 a.m., 6 views

whoogle-search path traversal vulnerability

whoogle-search is a software application. Self-hosted, ad-free, privacy-respecting metasearch engine. A path traversal vulnerability exists in whoogle-search versions prior to 0.8.4, which stems from the config function in app/routes.py that does not validate the user-controlled name variable and...

5.3 CVSS, 6.8 AI score, 0.00751 EPSS
Exploits: 1, References: 7
CNNVD
added 2022/12/18 12:0 a.m., 3 views

OWASP NodeGoat Security Vulnerability

OWASP NodeGoat is a project of the OWASP Foundation in the United States. It provides an environment to learn how the OWASP Top 10 security risks apply to web applications developed using Node. OWASP NodeGoat suffers from a security vulnerability that results in a denial of service due to unknown...

7.5 CVSS, 7.4 AI score, 0.01007 EPSS
Exploits: 1, References: 4
RubySec
added 2016/04/20 12:0 a.m., 21 views

Safemode Gem for Ruby is vulnerable to information disclosure

Safemode is initialised with an optional 'delegate' object. If the delegated object is a Rails controller, 'inspect' could be called, which then exposes all information about the app, including routes, secret tokens, caches and so on...

8.1 CVSS, 6.9 AI score, 0.02131 EPSS
Exploits: 0, References: 1, Affected Software: 1