CVE-2024-11695

A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

PT-2020-17188 · Urve · Urve

Name of the Vulnerable Software and Affected Versions: URVE Build 24.03.2020 Description: An issue was discovered in URVE. By using the " internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to...

CVE-2020-11976

By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5...

CVE-2015-0770

CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341...

Cisco WebEx Training Center Open Redirect Vulnerability

A vulnerability in Cisco WebEx Training Center could allow an unauthenticated, remote attacker to cause the Cisco WebEx Training Center to issue a redirect to an arbitrary attacker-supplied URL. The vulnerability is due to an open redirect issue in Cisco WebEx Training Center. An attacker could...

CVE-2010-1384

Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not provide a warning about a 1 http or 2 https URL that contains a username and password, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL...