
114 matches found

Positive Technologies
added 2026/05/27 12:0 a.m., 3 views

PT-2026-44075

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. Since the background scan daemon loads this file via Python's exec, injected code executes as the...

CVSS 9.8 | AI score 6 | EPSS 0.00255
Exploits 0 | References 2
RedhatCVE
added 2026/05/26 8:14 p.m., 5 views

CVE-2026-7766

Kenik Camera management Panel is vulnerable to a Path Traversal vulnerability. An unauthenticated attacker can send a GET request with an arbitrary file path and read the corresponding files located on the server. The issue was fixed in version 2026-04-23 of the KG-5260xxxx-IL-G2 cameras. Rest of the produc...

CVSS 8.3 | AI score 6 | EPSS 0.00048
Exploits 0 | References 1
Cvelist
added 2026/03/10 12:0 a.m., 23 views

CVE-2025-69614

Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...

EPSS 0.00021
Exploits 0 | References 2
Vulnrichment
added 2026/02/11 12:20 p.m., 2 views

CVE-2024-56807 Media Streaming add-on

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

CVSS 5.1 | AI score 5.4 | EPSS 0.00018
Exploits 0 | References 1
Vulnrichment
added 2025/11/20 7:34 p.m., 2 views

CVE-2025-35029 Medical Informatics Engineering Enterprise Health stored cross site scripting via Demographic Information page

Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to add arbitrary content in the 'Demographic Information' page. This content will be rendered and executed when a victim accesses it. This issue is fixed as of...

CVSS 4.8 | AI score 5.7 | EPSS 0.00034
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-31616

Malicious code in bioql PyPI...

CVSS 4.6 | AI score 6.6 | EPSS 0.00013
Exploits 0 | References 3
OSV
added 2025/09/29 8:15 p.m., 2 views

CVE-2025-35030

Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and perform actions on behalf of that administrative user. This issue is fixed as of 2025-04-08...

CVSS 8.8 | AI score 5.3 | EPSS 0.00022
Exploits 0 | References 2
Positive Technologies
added 2025/09/29 12:0 a.m., 3 views

PT-2025-39871

Name of the Vulnerable Software and Affected Versions: Medical Informatics Engineering Enterprise Health, affected versions not specified. Description: The software contains a cross site request forgery condition. An unauthenticated attacker can deceive administrative users into clicking a specially...

CVSS 8.8 | AI score 6.5 | EPSS 0.00022
Exploits 0 | References 7
Vulnrichment
added 2025/08/29 5:15 p.m., 2 views

CVE-2025-30263 Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0...

CVSS 5.3 | AI score 6.3 | EPSS 0.00236
Exploits 0 | References 1
RedhatCVE
added 2025/05/23 8:12 a.m., 4 views

CVE-2024-54138

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...

CVSS 6.9 | AI score 5.9 | EPSS 0.00751
Exploits 0 | References 1
CVE
added 2024/12/06 9:56 p.m., 47 views

CVE-2024-54138

CVE-2024-54138 describes an XSS vulnerability in NuGet Gallery’s Markdown autolinks handling. The issue stems from inadequate sanitization of autolinks (JavaScript in standard links is filtered, but autolinks aren’t), enabling potential cross-site scripting. The vulnerability has been fixed in ve...

CVSS 6.9 | AI score 5.6 | EPSS 0.00751
Exploits 0 | References 2 | Affected Software 1
Exploit DB
added 2020/06/08 12:0 a.m., 512 views

Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection

Exploit Title: Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection Date: 2020-06-07 Exploit Author: Pankaj Kumar Thakur Vendor Homepage: http://virtualairlinesmanager.net/ Dork: inurl:notamid= Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A Vulnerable parameter -------------------...

AI score 7.4
Exploits 0
Openbugbounty
added 2018/11/30 4:8 p.m., 11 views

holliswood178.org XSS vulnerability

Open Bug Bounty ID: OBB-705513. Affected Website: holliswood178.org. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Openbugbounty
added 2018/11/21 12:59 p.m., 42 views

sshr.moe.gov.sa XSS vulnerability

Open Bug Bounty ID: OBB-700728. Affected Website: sshr.moe.gov.sa. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Openbugbounty
added 2018/10/25 1:50 p.m., 15 views

patton.com XSS vulnerability

Open Bug Bounty ID: OBB-690483. Affected Website: patton.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Openbugbounty
added 2018/08/16 12:1 a.m., 11 views

koreair.org XSS vulnerability

Open Bug Bounty ID: OBB-664851. Affected Website: koreair.org. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Other. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Openbugbounty
added 2018/08/14 12:45 p.m., 6 views

scjga.bluegolf.com XSS vulnerability

Open Bug Bounty ID: OBB-664204. Affected Website: scjga.bluegolf.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

AI score 0.1
Exploits 0
Openbugbounty
added 2018/08/04 3:16 p.m., 10 views

grevekarate.dk XSS vulnerability

Open Bug Bounty ID: OBB-658597. Affected Website: grevekarate.dk. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Openbugbounty
added 2018/07/22 7:18 a.m., 10 views

chata-obchodka.cz XSS vulnerability

Open Bug Bounty ID: OBB-652149. Affected Website: chata-obchodka.cz. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0
Openbugbounty
added 2018/06/30 11:29 a.m., 8 views

cso.org XSS vulnerability

Open Bug Bounty ID: OBB-638850. Affected Website: cso.org. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...

Exploits 0