Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/18 1:6 p.m.7 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via the fixRequestBody function. An attacker can inject or override multipart form fields, potentially bypassing gateway-side validation or access controls, by supplying crafted input containing carriage return and line...

7.5CVSS5.9AI score0.00243EPSS
Exploits1References2
NVD
NVD
added 2025/12/12 4:15 a.m.5 views

CVE-2025-12883

The Campay Woocommerce Payment Gateway plugin for WordPress is vulnerable to Unauthenticated Payment Bypass in all versions up to, and including, 1.2.2. This is due to the plugin not properly validating that a transaction has occurred through the payment gateway. This makes it possible for...

5.3CVSS0.00314EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/05/05 12:0 a.m.4 views

WSO2 API Manager 安全漏洞

WSO2 API Manager is a suite of API lifecycle management solutions from US-based WSO2. A security vulnerability exists in WSO2 API Manager version 2.0.0 and prior versions, which stems from insufficient validation of XML inputs to the gateway component and could lead to XML external entity injecti...

9.1CVSS6.5AI score0.01146EPSS
Exploits0References2
OSV
OSV
added 2021/10/21 7:15 p.m.1 views

UBUNTU-CVE-2021-41159

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections /gt:rpc fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue h...

8.8CVSS7.2AI score0.01346EPSS
Exploits0References4
Rows per page
Query Builder