PYSEC-2026-105
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval function on array-like command parameters, which allows a user-supplied payload to execute in the browser when...
CVE-2026-42086
OpenC3 COSMOS is affected by a Self-XSS in the Command Sender UI prior to version 7.0.0, caused by an unsafe eval() on array-like command parameters. A user-supplied payload could execute in the victim’s browser when sending a command, potentially allowing an attacker to read or modify data in th...
CVE-2026-42086
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval function on array-like command parameters, which allows a user-supplied payload to execute in the browser when...
GHSA-FFQ5-QPVF-XQ7X OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender
Summary The Command Sender UI uses an unsafe eval function on array-like command parameters, which allows a user-supplied payload to execute in the browser when sending a command. This creates a self-XSS risk because an attacker can trigger their own script execution in the victim’s session, if...
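The COSMOS entries above describe the same root cause from several sources: a browser UI that turns user-typed text for an array-like command parameter into a value with eval(), so the text itself runs as script. The following is an added illustration, not OpenC3 COSMOS code; the function names, the parameter shape and the demo harness are assumptions made for the example. It puts the eval() pattern next to a strict JSON-based parser that accepts only an array of scalars and never executes anything.

```javascript
// Added example (not OpenC3 COSMOS code). Names and the parameter shape are
// assumptions: the UI is assumed to let a user type an array literal such as
// "[1, 2, 3]" for an ARRAY-typed command parameter.

// Vulnerable pattern: eval() turns the text into a value, so whatever the
// user (or whoever convinced the user to paste it) typed runs in the session.
function parseArrayParamUnsafe(text) {
  // Direct eval: "[1, 2, 3]; alert(document.cookie)" is valid input here.
  return eval(text);
}

// Hardened pattern: JSON.parse never executes code; the shape check then
// rejects objects, nested arrays and any element that is not a plain scalar.
function parseArrayParamSafe(text) {
  let value;
  try {
    value = JSON.parse(text);
  } catch (e) {
    throw new Error('not a JSON array: ' + text);
  }
  if (!Array.isArray(value)) {
    throw new Error('expected an array');
  }
  for (const item of value) {
    const t = typeof item;
    if (t !== 'number' && t !== 'string') {
      throw new Error('unsupported element type: ' + t);
    }
  }
  return value;
}

// Constructed payload: a harmless array literal followed by a statement that
// records a side effect, standing in for script an attacker would run.
const PAYLOAD = '[1, 2, 3]; globalThis.__sideEffect = 1';

// Runs both parsers over the same text and reports what happened.
function demo() {
  globalThis.__sideEffect = 0;
  const unsafeResult = parseArrayParamUnsafe(PAYLOAD); // returns 1, mutates global
  const ranUnderEval = globalThis.__sideEffect === 1;

  globalThis.__sideEffect = 0;
  let safeRejected = false;
  try {
    parseArrayParamSafe(PAYLOAD);
  } catch (e) {
    safeRejected = true;
  }
  const ranUnderSafe = globalThis.__sideEffect === 1;

  return { unsafeResult, ranUnderEval, safeRejected, ranUnderSafe,
           wellFormed: parseArrayParamSafe('[1, 2, 3]') };
}
```

Because the text is typed by the person whose session executes it, this is the self-XSS the advisory describes: the damage needs a victim who pastes attacker-supplied text, but once pasted the script runs with that user's cookies and tokens. The strict parser fails closed on anything that is not a JSON array of numbers or strings.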
Gitlab -- Vulnerabilities
GitLab reports: Denial of Service issue when uploading specifically crafted JSON files impacts GitLab CE/EE Denial of Service issue bypassing query complexity limits impacts GitLab CE/EE Information disclosure issue in virtual registry configuration for low privileged users impacts GitLab CE/EE...
CVE-2024-40974 powerpc/pseries: Enforce hcall result buffer validity and size
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size plpar_hcall, plpar_hcall9, and related functions expect callers to provide valid result buffers of certain minimum size. Currently this is communicated only through...
striptags security vulnerability
striptags is a software package. A security vulnerability exists in striptags prior to version 3.2.0 that stems from a type confusion: when an array-like object is passed as the html parameter, striptags concatenates the unsanitized strings it contains instead of processing them. An attacker can explo...
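The striptags entry is a type-confusion bug of a general shape: a sanitizer that walks its input by index assumes a string, but web frameworks and query-string parsers routinely hand back an array when a parameter is repeated (`html=a&html=b`) or bracketed (`html[]=a`). The following is an added illustration, not striptags' own code; the stripper, the function names and the query-parsing helper are assumptions written for the example. Indexing an array yields whole elements rather than characters, so a multi-character element such as `<script>...</script>` is never matched against `<` and is concatenated straight into the output.

```javascript
// Added example (illustrative, not striptags' own code). Function names and
// the query-string handling are assumptions made for the example.

// Minimal state machine that walks `html` by index and drops everything
// between '<' and '>'. Written with strings in mind, but never checks that
// `html` actually is one.
function stripTagsConfused(html) {
  let out = '';
  let inTag = false;
  for (let i = 0; i < html.length; i++) {
    const ch = html[i];              // on an array this is a whole element, not one char
    if (ch === '<') { inTag = true; continue; }
    if (ch === '>') { inTag = false; continue; }
    if (!inTag) out += ch;           // string concatenation appends the element as-is
  }
  return out;
}

// Hardened: refuse anything that is not a primitive string before touching it.
function stripTagsStrict(html) {
  if (typeof html !== 'string') {
    const kind = Array.isArray(html) ? 'array' : typeof html;
    throw new TypeError('html must be a string, got ' + kind);
  }
  return stripTagsConfused(html);
}

// Assumed application behaviour: a handler that reads the `html` parameter
// from the query string and, like many parsers, returns a single value as a
// string but repeated values as an array. URLSearchParams.getAll() is the
// standard Node/browser API that produces that array.
function paramFromQuery(query) {
  const values = new URLSearchParams(query).getAll('html');
  return values.length === 1 ? values[0] : values;
}

// Constructed inputs: the same content delivered once as a string and once
// as an array of strings.
const STRING_INPUT = 'hello <b>world</b> <script>alert(1)</script>';
const ARRAY_INPUT = ['hello ', '<script>alert(1)</script>', ' world'];
const ARRAY_QUERY = 'html=hello+&html=%3Cscript%3Ealert(1)%3C%2Fscript%3E&html=+world';

// Runs each variant and reports whether a <script> tag survived.
function demo() {
  const fromString = stripTagsConfused(STRING_INPUT);
  const fromArray = stripTagsConfused(ARRAY_INPUT);
  const fromQuery = stripTagsConfused(paramFromQuery(ARRAY_QUERY));
  let strictRejected = false;
  try {
    stripTagsStrict(paramFromQuery(ARRAY_QUERY));
  } catch (e) {
    strictRejected = e instanceof TypeError;
  }
  return {
    fromString,
    fromArray,
    fromQuery,
    scriptSurvived: fromArray.includes('<script>'),
    strictRejected,
  };
}
```

The practical check, beyond the type guard, is to test sanitizers with every representation a framework can produce for the same parameter: string, array of strings, and object with numeric keys. Each one reaches the `html[i]` loop with a different meaning of "element".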
nodejs-node-notifier: command injection due to the options params not being sanitised when being passed an array
A flaw was found in node-notifier. An attacker can run arbitrary commands on Linux machines due to the options params not being sanitized when being passed an array...
Fedora 25 : php (2016-03518b366b)
18 Aug 2016 PHP 7.0.10 Core: - Fixed bug #72629 (Caught exception assignment to variables ignores references). (Laruence) - Fixed bug #72594 (Calling an earlier instance of an included anonymous class fatals). (Laruence) - Fixed bug #72581 (previous property undefined in Exception after...
CVE-2011-3735
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files...
Design/Logic Flaw
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files...
CVE-2011-3735
CVE-2011-3735 affects Escort Agency CMS (escort-agency-cms). The vulnerability allows remote attackers to obtain sensitive information by sending crafted array parameters to a PHP file, causing an error message that reveals the installation path (as demonstrated by makethumb.php and related files...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User Randomizer (phpMUR) 2006.09.13 allow remote attackers to inject arbitrary web script or HTML via (1) the editplugin parameter to configureplugin.tpl.php, or (2) certain array parameters to web/phpinfo.php, as demonstrated by 1 or a...
Design/Logic Flaw
BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods...
CVE-2007-0418
BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods...
CVE-2006-6403
mystats.php in MyStats 1.0.8 and earlier allows remote attackers to obtain the installation path via (1) details and (2) by array parameters, probably resulting in a path disclosure in an error message...
CVE-2006-3757
index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET, (2) _SESSION, (3) _POST, (4) _COOKIE, or (5) SESSION array parameters, which reveals the installation path in an error message. NOTE: this issue might be resultant from a global overwrite vulnerability...