GHSA-9CP7-3Q5W-J92G parse-server: Malformed `$regex` query leaks database error details in API response

Impact A malformed $regex query parameter e.g. abc causes the database to return a structured error object that is passed unsanitized through the API response. This leaks database internals such as error messages, error codes, code names, cluster timestamps, and topology details. The vulnerabilit...

eXtreme-fusion 4.02 Fusion_Forum_View.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21621/info eXtreme-fusion is prone to a local file-include vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execu...

Outreach Project Tool 'CRM_path' Parameter Remote File Inclusion Vulnerability

Outreach Project ToolOPT is prone to a remote file inclusion vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...