CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall WAF. An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

EUVD-2011-2697

Malware in sbrugna...

EUVD-2025-28235

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-1999022

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method,...

DEBIAN-CVE-2024-52301

Laravel is a web application framework. When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28,...

CVE-2024-52301

Laravel is a web application framework. When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28,...

Laravel 参数注入漏洞

Laravel is a web application framework from the Laravel community. A parameter injection vulnerability exists in Laravel. An attacker exploiting this vulnerability can call any URL using a specially crafted query string...

CVE-2024-36829

Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string...

Teldat M1 Security Vulnerability

Teldat M1 is a compact modular router from Teldat Poland. A security vulnerability exists in Teldat M1 version v11.00.05.50.01. An attacker exploited the vulnerability to obtain sensitive information via a specially crafted query string...

CVE-2024-36829

Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string...

CVE-2024-36829

CVE-2024-36829 affects Teldat M1, version v11.00.05.50.01. The vulnerability is an incorrect access control issue that allows an attacker to obtain sensitive information through a crafted query string. The available sources confirm the affected product/version and the nature of the access control...

CVE-2024-36829

Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string...

SUSE CVE-2004-0096

Unknown vulnerability in modpython 2.7.9 allows remote attackers to cause a denial of service httpd crash via a certain query string, a variant of CAN-2003-0973...

CVE-2021-43118

A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900 1.5.1.3, and DrayTek Vigor 300B 1.5.1.3 via a crafted HTTP message containing malformed QUERY STRING in mainfunction.cgi, which could let a remote malicious user execute arbitrary code...

CVE-2011-2719

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...

Sql injection

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...

Directory traversal

cgi-bin/welcome/VPNonly in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service device crash via a crafted query string, as demonstrated using directory traversal sequences...

CVE-2007-5036

Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service HTTPS service outage via a crafted query string in an HTTPS request to 1 adLog.cgi, 2 post.cgi, or 3 ad.cgi, related to the "files filter."...

Design/Logic Flaw

buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information business logic via a query string composed of a search for certain characters...

mod_python remote DoS

Unknown vulnerability in modpython 2.7.9 allows remote attackers to cause a denial of service httpd crash via a certain query string, a variant of CAN-2003-0973...