23 matches found
EUVD-2026-36222
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause denial of service on the CI/CD Catalog page due to improper sanitization...
CVE-2026-10733
GitLab CVE-2026-10733 affects GitLab CE/EE versions from 17.0 prior to 18.10.8, 18.11 prior to 18.11.5, and 19.0 prior to 19.0.2. Root cause: improper sanitization that could allow an authenticated user to cause a denial of service on the CI/CD Catalog page. Remediation: upgrade to the pat...
CVE-2026-1131 Yonyou KSOA HTTP GET Parameter save_catalog.jsp SQL injection
A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc/save_catalog.jsp of the component HTTP GET Parameter Handler. Manipulation of the argument catalogid leads to SQL injection. It is possible to launch the attack remotely. The exploit has been...
Yealink SIP-T21P E2 code injection vulnerability
Yealink SIP-T21P E2 is an enterprise IP phone from the Chinese company Yealink. A code injection vulnerability exists in Yealink SIP-T21P E2 version 52.84.0.15, which originates from a cross-site scripting vulnerability in the local catalog page component...
XPDF security vulnerability
XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF v4.04, which originates from the Catalog::countPageTree function found to contain a stack overflow via Catalog.cc...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
herz-armaturen.at XSS vulnerability
Open Bug Bounty ID: OBB-680311

Description | Value
---|---
Affected Website: | herz-armaturen.at
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
webuyhammonds.net XSS vulnerability
Open Bug Bounty ID: OBB-618753

Description | Value
---|---
Affected Website: | webuyhammonds.net
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
services.imagico.de XSS vulnerability
Open Bug Bounty ID: OBB-613251

Description | Value
---|---
Affected Website: | services.imagico.de
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
baglass.com XSS vulnerability
Open Bug Bounty ID: OBB-609245

Description | Value
---|---
Affected Website: | baglass.com
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
volgograd.mediamarkt.ru XSS vulnerability
Open Bug Bounty ID: OBB-550862

Description | Value
---|---
Affected Website: | volgograd.mediamarkt.ru
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
cubeinstyle.com XSS vulnerability
Open Bug Bounty ID: OBB-500763

Description | Value
---|---
Affected Website: | cubeinstyle.com
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Disclosure Standard: | Coordinated Disclosure bas...
simpsonsjewelry.com XSS vulnerability
Vulnerable URL: http://www.simpsonsjewelry.com/catalog/catalog.php?category==Entire+Catalog=%22%27--!%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E=1

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 05.08.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly...
opentextbookstore.com XSS vulnerability
Vulnerable URL: http://www.opentextbookstore.com/catalog.php?disc=1"...
onmilitarymatters.com XSS vulnerability
Vulnerable URL: http://onmilitarymatters.com/pages/dfcatalog.php?period=1"...
thegoldleafingstudio.boomer.co XSS vulnerability
Open Bug Bounty ID: OBB-238199

Description | Value
---|---
Affected Website: | thegoldleafingstudio.boomer.co
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
idealo.co.uk XSS vulnerability
Vulnerable URL: https://www.idealo.co.uk/mscat.html?q='"--!'...
nu3.de XSS vulnerability
Vulnerable URL: https://www.nu3.de/catalog/?q="--

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 28.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 100164
VIP website status: | No

Coordinated Disclosure Timeline:

Description | Value...
numista.com XSS vulnerability
Vulnerable URL: http://www.numista.com/catalogue/aef-1.html?o=y'%22alert'OPENBUGBOUNTY'...
dafna.biz XSS vulnerability
Vulnerable URL: http://www.dafna.biz/Catalog.asp?Page=NewShowProd.asp"=335699

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 27.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | Unknown / Not calculated
VIP website status: | No

Check...