6 matches found
CVE-2023-6838
A reflected XSS vulnerability can be exploited by tampering with a request parameter in the Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests...
D-Link DIR-619 Stack Overflow Vulnerability (CNVD-2022-31542)
D-Link DIR-619 is a series of routers from D-Link, a Chinese company. D-Link DIR-619 Ax v1.00 has a security vulnerability that can be exploited by attackers to cause a denial of service (DoS) via the curTime parameter...
Web Servers Buffer Overflow Attempt (CVE-2020-3119; CVE-2020-3120; CVE-2020-3172; CVE-2020-8450)
A buffer overflow vulnerability can be exploited by sending a parameter whose size is larger than the buffer can store. Successful exploitation could result in execution of arbitrary code on the target system or denial of service conditions...
LocalTapiola: Reflected XSS on iltakoulu_varkaus (viestinta.lahitapiola.fi)
Basic report information Summary: The ctx parameter in http://viestinta.lahitapiola.fi/webApp/iltakouluvarkaus can be exploited to perform an XSS attack. Description: When a user fills in the form on the webpage, a POST request is sent to the server with multiple parameters POST...
LocalTapiola: Reflected XSS on sankarikoulutus (viestinta.lahitapiola.fi)
Basic report information Summary: Hi, the ctx parameter in http://viestinta.lahitapiola.fi/webApp/sankarikoulutus can be exploited to perform an XSS attack. Description: When a user clicks on a map area, the following POST request is generated: POST / HTTP/1.1 Host: viestinta.lahitapiola.fi...
withinsecurity: Content Spoofing OR Text Injection in https://withinsecurity.com
Hi, I just found a Content Spoofing OR Text-based injection vulnerability in the https://withinsecurity.com site that I would like to get fixed. Below are the POC and steps to reproduce the issue. 1 Go to the https://withinsecurity.com site 2 Then just change the above URL like this...