27 matches found
CVE-2025-67078
Cross-site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
EUVD-2026-2752
Cross-site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
EUVD-2024-36198
Malicious code in bioql PyPI...
CVE-2022-29892
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS)...
CVE-2024-36735
OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating...
PT-2023-29924 · Unknown · Codeigniter4
Name of the Vulnerable Software and Affected Versions: CodeIgniter4 versions prior to 4.4.3. Description: CodeIgniter is a PHP full-stack web framework. If an error or exception occurs, a detailed error report is displayed even in the production environment, potentially leaking confidential...
OSV-2022-987 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51941 Crash type: Security exception Crash state: com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal com.code_intelligence.jazzer.sanitizers.RegexInjection.stringHook...
Blender Code Issue Vulnerability
Blender is a professional free and open source 3D computer graphics software. A code issue exists in Blender where an error is displayed instead of a crash when rendering with "headless builds"...
XSS in doc_link
Impact: Users of MySQL, MariaDB, PgSQL and SQLite are affected. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo extension to communicate with the database (it is used if the native extensions are not enabled). In browsers without...
Denial of service
A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing the printer from functioning until the printer is...
SAP Gateway Injection Vulnerability
SAP Gateway is an open standards-based framework from SAP, Germany. The product supports non-SAP applications to connect to SAP applications and also connects and accesses SAP applications on mobile devices. SAP Gateway suffers from an injection vulnerability that stems from the program not...
Mirage – Fancy Clone - SQL Injection
Mirage – Fancy Clone - SQL Injection. In Mirage – Fancy Clone, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly; if error display is turned off, you can use the time-based and Boolean...
Car Workshop System - SQL Injection
Car Workshop System - SQL Injection. In Car Workshop System, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly. Google Dork: N/A Injection point:...
Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection
Joomla! Component Simple Membership 3.3.3 - the 'userId' Parameter SQL Injection. In Joomla! Component Simple Membership 3.3.3, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly; if you tu...
Country on Sale Script - SQL Injection
Country on Sale Script - SQL Injection. In Country on Sale Script, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly; if error display is turned off, you can use time-based blind Google...
Joomla! Component Coupon v3.5 - SQL Injection
Joomla! Component Coupon v3.5 - SQL Injection. In Joomla! Component Coupon v3.5, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly; if error display is turned off, you can use...
Nlance - Freelance Marketplace Software v2.2 - SQL Injection
Nlance - Freelance Marketplace Software v2.2 - SQL Injection. In Nlance - Freelance Marketplace Software v2.2, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly. Google Dork: N/A...
Joomla! Component Spinner 360 v1.3.0 - SQL Injection
Joomla! Component Spinner 360 v1.3.0 - SQL Injection. In Joomla! Component Spinner 360 v1.3.0, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly; if error display is turned off, you can ...
Joomla component Recipe Manager v2.2 parameter id SQL injection vulnerability
Joomla! Component Recipe Manager v2.2 - SQL Injection. In Joomla! Component Recipe Manager v2.2, parameter filtering is not strict, leading to a SQL injection vulnerability. If the remote server has error display turned on, it can be used directly. Injection point:...
CVE-2014-2538 rubygem rack-ssl: URL error display XSS
Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...