1083 matches found
CVE-2026-28771 Reflected XSS In /index.cgi Endpoint On IDC Satellite Receiver Web Management Interface Version 101
A Reflected Cross-Site Scripting XSS vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The application fails to adequately sanitize user-supplied input provided via the cat...
CVE-2026-28771
A Reflected Cross-Site Scripting XSS vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The application fails to adequately sanitize user-supplied input provided via the cat...
CVE-2026-28771
CVE-2026-28771 describes a reflected XSS in IDC SFX Series SuperFlex Satellite Receiver Web Management Interface (version 101) via the cat parameter on /index.cgi. Input is not adequately sanitized and reflected in the HTTP response, enabling arbitrary HTML/JavaScript execution in the victim’s br...
PT-2026-22873
Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 Description A Reflected Cross-Site Scripting XSS issue exists in the /index.cgi API endpoint. The application does not...
WordPress Analytics Cat plugin <= 1.1.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Analytics Cat versions = 1.1.2...
CVE-2019-25443 Inventory Webapp SQL Injection via add-item.php
Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can supply malicious SQL payloads in the name, description, quantity, or catid parameters to add-item.php to execut...
Malicious code in cat-retail-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28595a83aef3c3c9726d6ab0fc4b4d761a0a0c9f12ac91d4d84bda7135d46786 The package cat-retail-app was found to contain malicious code. Source: ghsa-malware b05f145df7999baec69425a057fe9a33c6a65726ca898c89b80cb23526f54bae...
Malicious Package
Overview cat-retail-app is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in cat-admin-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 34286533490c9ad41743b1eea6659d9c4fd3e62d1a830658b90840f3c49a6c8c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
ai4data (=0.0.1), aihero (=0.3.1) +37 more potentially affected by CVE-2026-0599 via text-generation (>=0.6.1 <=0.7.0)
text-generation PYPI version =0.6.1, =3.0.0, =0.114.0, =0.0.1a7, =0.3.6.dev0, =0.0.1a8, =0.14.3, =2.0.0, =0.0.2, =0.1.4, =0.1.0, =0.1.10, =0.1.14 and more Source cves: CVE-2026-0599 Source advisory: OSV:GHSA-J7X9-7J54-2V3H...
CVE-2022-50806
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific categories.php...
CVE-2018-12626
An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter...
CVE-2021-41649
An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php catid parameter. Using a post request does not sanitize the user input...
Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches
A cybercrime gang known as Black Cat has been attributed to a search engine optimization SEO poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading a backdoor capable of stealing sensitive data. According to a report published by the National...
CVE-2026-0586
A vulnerability was detected in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file handgunner-administrator/prod.php. Performing a manipulation of the argument cat results in cross site scripting. The attack is possible to be carried out...
CVE-2026-0576
A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. I...
EUVD-2025-203636
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in hfsplusdeletecat: 70.682285 T9333 ===================================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...
CVE-2025-40351
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in hfsplusdeletecat: 70.682285 T9333 ===================================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...
CVE-2025-40351
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in hfsplusdeletecat: 70.682285 T9333 ===================================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...
UBUNTU-CVE-2025-40351
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplusdeletecat The syzbot reported issue in hfsplusdeletecat: 70.682285 T9333 ===================================================== 70.682943 T9333 BUG: KMSAN: uninit-value in...