CVE-2019-16645

An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages such as goform/login and config/logoffpage.htm create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack...

CVE-2019-12822

In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, out-of-bounds memory reference, and potential DoS, as demonstrated by a colon on a line by itself...

EUVD-2019-8866

Malware in sbrugna...

EUVD-2018-7382

Malware in sbrugna...

EUVD-2018-7381

Malware in sbrugna...

EUVD-2019-4403

Malware in sbrugna...

EUVD-2023-59766

Malicious code in bioql PyPI...

CVE-2023-53155

goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter...

CVE-2023-53155

goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter...

CVE-2023-53155

CVE-2023-53155 affects EmbedThis GoAhead 2.5. The vulnerability is an HTML injection (XSS) via the name parameter in goform/formTest. Exploitation and public attestations exist (e.g., Exploit-DB); multiple mirrors/alerts reiterate the same flaw. Connected entries corroborate the issue across vend...

EmbedThis GoAhead 跨站脚本漏洞

EmbedThis GoAhead is an embedded web server software from EmbedThis, Inc. A cross-site scripting vulnerability exists in EmbedThis GoAhead version 2.5, which stems from HTML injection of the name parameter...

CVE-2023-53155

goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter...

CVE-2023-53155

goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter...

CVE-2017-1000471

EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service...

CVE-2017-1000470

EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service...

Embedthis GoAhead Embedded Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Embedthis GoAhead Embedded Web Server Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in the...

Exploit for Unrestricted Upload of File with Dangerous Type in Embedthis Goahead

CVE-2021-42342 CVE-2021-42342 RCE POC1:just prints c in...

Embedthis GoAhead Remote Code Execution Vulnerability

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked...

Exploit for Use After Free in Embedthis Goahead

CVE-2019-5096: Use After Free DoS Exploit python TriggerD...

Embedthis Goahead Use-After-Free (CVE-2019-5096)

A use-after-free vulnerability exists in Embedthis Goahead. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...