EUVD-2026-19974

Emmett has a path traversal in internal assets handler...

CVE-2026-4251 CityData CityChat ai.citydata.citychat credentials.json credentials storage

A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutterassets/assets/credentials.json of the component ai.citydata.citychat. Executing a manipulation can lead to unprotected storag...

PT-2026-21612

A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of the file static/assets/js/global.js of the component Leads Module. This manipulation of the argument Notes causes cross site scripting. The attack is possible to be carried out remotely. The exploi...

PT-2024-38679 · Unknown · Codeastro Online Railway Reservation System

Name of the Vulnerable Software and Affected Versions: CodeAstro Online Railway Reservation System version 1.0 Description: A vulnerability was found in the system, affecting unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory listing. The...

CVE-2023-6578

A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup...

DomainMOD cross-site scripting vulnerability (CNVD-2019-07966)

DomainMOD is an open source application for managing your domain names and other Internet assets in a central location. A cross-site scripting vulnerability exists in DomainMOD versions 4.11.01 and earlier, which can be exploited by an attacker via the assets/add/registrar-accounts.php UserName,...