CVE-2026-42339 New API: SSRF Filter Bypass via 0.0.0.0

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 CVE-2025-59146 and hardened in v0.9.6 CVE-2025-62155 does not block the unspecified address 0.0.0.0. A regular...

EUVD-2006-5125

Malware in sbrugna...

CVE-2021-39178

Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In order for an instance to be affected by the vulnerability, the next.config.js file must have images.domains array assigned and the image host assigned in images.domains mus...

Uber: Uploading Plain Text to uber-documents.s3.amazonaws.com Through the Driver Document Upload Page

Hi, When a new driver is registering on Uber, they have to upload a variety of files proof of insurance, ID, etc. When these files are being uploaded, Uber.com only checks whether the files have the correct extension. This means that one can upload a plain text file with a .png extension and it...

CF Image Host 1.6.6 Cross Site Scripting

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-XSS.txt Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6.6 Archive...

CF Image Host 1.6.6 Cross Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-CSRF.txt Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6.6 Archive...

CF Image Host 1.6.6 Command Injection Vulnerability

CF Image Host version 1.6.6 suffers from a remote command injection vulnerability. CF Image Host 1.6.6 Command Injection Vulnerability Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6.6 Archive...

CF Image Host 1.65 - Cross-Site Request Forgery

CF Image Host 1.65 - Cross-Site Request Forgery input type="text" name="changesett...

CF Image Host 1.6.6 Cross Site Scripting Vulnerability

CF Image Host version 1.6.6 suffers from multiple cross site scripting vulnerabilities. CF Image Host 1.6.6 Cross Site Scripting Vulnerability Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6.6...

CF Image Host 1.65 - PHP Command Injection

CF Image Host 1.65 - PHP Command Injection + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-PHP-CMD-INJECTION.txt Vendor: ==================================== codefuture.co.uk/projects/imagehost Product:...

CF Image Host 1.65 - Cross-Site Request Forgery

input type="text" name="...

CF Image Host 1.65 - PHP Command Injection

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-PHP-CMD-INJECTION.txt Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6.6...

CF Image Host 1.6.6 Cross Site Request Forgery Vulnerability

CF Image Host version 1.6.6 suffers from a cross site request forgery vulnerability. CF Image Host 1.6.6 Cross Site Request Forgery Vulnerability Vendor: ==================================== codefuture.co.uk/projects/imagehost Product: =================================== CF Image Host 1.65 - 1.6....

CF Image Host 1.1 - Remote File Inclusion Vulnerability

No description provided by source. Download: http://codefuture.co.uk/counter/?id=22 Title : CF Image Host Remote File Inclusion Vulnerability Author: The.Morpheus Contact: - Thanks: Herkese : Greetz: Megaturks.Net | Spyturks.Com demo :http://codefuture.co.uk/projects/imagehost1.1/demo/...

CF Image Host Remote File Inclusion

Download: http://codefuture.co.uk/counter/?id=22 Title : CF Image Host Remote File Inclusion Vulnerability Author: The.Morpheus Contact: - Thanks: Herkese : Greetz: Megaturks.Net | Spyturks.Com demo :http://codefuture.co.uk/projects/imagehost1.1/demo/...

CF Image Host 1.1 - Remote File Inclusion

Download: http://codefuture.co.uk/counter/?id=22 Title : CF Image Host Remote File Inclusion Vulnerability Author: The.Morpheus Contact: - Thanks: Herkese : Greetz: Megaturks.Net | Spyturks.Com demo :http://codefuture.co.uk/projects/imagehost1.1/demo/...

CF Image Host v1.1 Remote File Inclusion Vulnerability

Exploit for php platform in category web applications ====================================================== CF Image Host v1.1 Remote File Inclusion Vulnerability ====================================================== Download: http://codefuture.co.uk/counter/?id=22 Title : CF Image Host Remote...

PHP Krazy Image Host Script <= 0.6 Shell Upload Vulnerability

Exploit for php platform in category web applications ============================================================= PHP Krazy Image Host Script Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 ...

PHP Krazy Image Host Script 1.01 (viewer.php id) SQL Injection Vuln

No description provided by source. 0x01 Informations: Name : PHP Krazy Image Host Script 1.01 Download : http://www.hotscripts.com/listings/jump/download/66961/ Vulnerability : Sql Injection Author : x0r Contact : [email protected] Notes : Proud to be Italian 0x02 Bug: Bugged file is...

PHP Krazy Image Host Script 1.01 - &#039;id&#039; SQL Injection

0x01 Informations: Name : PHP Krazy Image Host Script 1.01 Download : http://www.hotscripts.com/listings/jump/download/66961/ Vulnerability : Sql Injection Author : x0r Contact : [email protected] Notes : Proud to be Italian 0x02 Bug: Bugged file is /path/viewer.php Code $id = $GET'id';...