10 matches found
salvo 安全漏洞
Salvo is a web framework developed by Salvo OpenSource. Versions of Salvo from 0.39.0 to 0.89.2 have security vulnerabilities. These vulnerabilities stem from the encodeurlpath function in the salvo-proxy component, which fails to normalize the "../sequence", potentially allowing for path travers...
CVE-2026-33242 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
CVE-2026-33242
Salvo (Rust web framework) has a Path Traversal and Access Control Bypass in the salvo-proxy component affecting versions 0.39.0–0.89.2. The root cause is encode_url_path failing to normalize ".." sequences, allowing unauthenticated attackers to reach unintended backend paths. Version 0.89.3 cont...
CVE-2026-33242
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
CVE-2026-33242 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traversal and Access Control Bypass vulnerability in the salvo-proxy component. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g.,...
Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
Details A Path Traversal and Access Control Bypass vulnerability was discovered in the salvo-proxy component of the Salvo Rust framework v0.89.2. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g., protected...
GHSA-F842-PHM9-P4V4 Salvo has a Path Traversal in salvo-proxy::encode_url_path allows API Gateway Bypass
Details A Path Traversal and Access Control Bypass vulnerability was discovered in the salvo-proxy component of the Salvo Rust framework v0.89.2. The vulnerability allows an unauthenticated external attacker to bypass proxy routing constraints and access unintended backend paths e.g., protected...
The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.
The vulnerability of the phpfilterencodeurl function located in ext/filter/sanitizingFilters.c in the PHP interpreter is related to buffer overflows in dynamic memory, caused by integer overflows. Exploiting this vulnerability could allow a remote attacker to cause a service failure or potentiall...
UBUNTU-CVE-2016-4345
Integer overflow in the phpfilterencodeurl function in ext/filter/sanitizingfilters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow...
X10media Mp3 Search Engine <= 1.6 Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications ====================================================================== X10media Mp3 Search Engine How to use : http://127.0.0.1/encode.php?t=Url Ex : http://127.0.0.1/encode.php?t=includes/constants.php Exploit...