EUVD-2026-0857

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring DSM extenstio configuration modules allows Stored XSS to user with elevated privileges. This issue affects Infra Monitoring: from 25.10.0 before 25.10.1, from 24.10...

CVE-2025-61675

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

TYPO3 SQL Injection in dbal

A flaw in the database escaping API results in a SQL injection vulnerability when extension dbal is enabled and configured for MySQL passthrough mode in its extension configuration. All queries which use the DatabaseConnection::sqlquery are vulnerable, even if arguments were properly escaped with...

K75532331: iRulesLX debug NodeJS vulnerability CVE-2019-6644

Security Advisory Description Similar to the issue identified in CVE-2018-12120, the BIG-IP system will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible. CVE-2019-6644 Impac...

Fedora 20 : ReviewBoard-1.7.17-1.fc20 / python-djblets-0.7.23-1.fc20 (2013-20749)

New upstream security release 1.7.17 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.17/ - Resolves: CVE-2013-4519 - Security Fixes : - Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions. - Added a 'X-Frame-Options' header to prevent clickjacking. - New...