Lucene search
K

4 matches found

OSV
OSV
added 2025/03/20 12:32 p.m.13 views

GHSA-38MG-WM59-G64X composio allows Server-Side Request Forgery (SSRF) in BROWSERTOOL

A Server-Side Request Forgery SSRF vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the system by exploiting the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS actions...

6.8CVSS5.9AI score0.00679EPSS
Exploits1References4
Snyk
Snyk
added 2025/03/20 12:32 p.m.2 views

Improper Neutralization of Data within XPath Expressions ('XPath Injection')

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Improper Neutralization of Data within XPath Expressions 'XPath Injection' via the BROWSERTOOLGOTOPAGE and BROWSERTOOLGETPAGEDETAILS action...

7.5CVSS6.8AI score0.00679EPSS
Exploits1References2
OSV
OSV
added 2024/09/07 3:15 p.m.3 views

CVE-2024-8555

A vulnerability was found in SourceCodester Clinics Patient Management System 2.0. It has been classified as problematic. Affected is an unknown function of the file congratulations.php. The manipulation of the argument gotopage leads to open redirect. It is possible to launch the attack remotely...

6.1CVSS4.9AI score0.006EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/09/07 12:0 a.m.4 views

PT-2024-39093 · Sourcecodester · Clinic'S Patient Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A vulnerability exists in the system, allowing for an open redirect. The issue is related to the manipulation of the goto page argument in an unknown function of the fi...

6.9CVSS6.9AI score0.006EPSS
Exploits1References11
Rows per page
Query Builder