Lucene search

13 matches found

Positive Technologies
added 2026/04/02 12:0 a.m., 2 views

PT-2026-29945

nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval in github.com/0xJacky/Nginx-UI...

CVSS 6.9, AI score 5.9, EPSS 0.00069
Exploits: 1, References: 4

EUVD
added 2026/03/30 4:38 p.m., 1 view

EUVD-2026-17154

nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval...

CVSS 6.9, AI score 5.9, EPSS 0.00069
Exploits: 1, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2015-3676

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.01612
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2002-1382

Malware in sbrugna...

CVSS 10, AI score 6.4, EPSS 0.00458
Exploits: 0, References: 4

RedHat Linux
added 2025/01/15 4:54 p.m., 0 views

nanoid: nanoid mishandles non-integer values

A flaw was found in nanoid. Affected versions of nanoid mishandle non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while size-- - In node, the value of poolOffset becomes...

CVSS 4.3, AI score 6.8, EPSS 0.0011
Exploits: 0, References: 7

Github Security Blog
added 2024/05/15 10:20 p.m., 46 views

laravel framework SQL Injection via limit and offset functions

Impact: Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. Patches: This problem has been patched on Laravel...

AI score 7.9
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2023/01/20 12:0 a.m., 1 view

EyouCms Cross-Site Scripting Vulnerability

EyouCms is an open source content management system (CMS) based on ThinkPHP, by China's Zanzan Network Technology Company. A cross-site scripting vulnerability exists in EyouCMS version 1.6.0 and earlier versions, which stems from a reflective cross-site scripting...

CVSS 6.1, AI score 5.8, EPSS 0.00254
Exploits: 1, References: 2

OSV
added 2021/04/29 9:15 p.m., 1 view

DEBIAN-CVE-2020-15225

django-filter is a generic system for filtering Django QuerySets based on user selections. In django-filter before version 2.4.0, automatically generated NumberFilter instances, whose value was later converted to an integer, were subject to potential DoS from malicious input using exponential...

CVSS 6.5, AI score 6.7, EPSS 0.00235
Exploits: 0, References: 1

Cvelist
added 2017/07/21 2:0 p.m., 10 views

CVE-2015-3638

phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to scheduled.php, and making requests to injected scripts, or by injecting PHP into a PHP configurati...

AI score 8.8, EPSS 0.01612
Exploits: 0, References: 3

Patchstack
added 2012/11/20 12:0 a.m., 7 views

WordPress Facebook Survey Plugin 1.0 - SQL Injection

This WordPress Facebook Survey plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution: Filter the "id" input or use the intval PHP function to make sure...

AI score 3.1
Exploits: 0, References: 1, Affected Software: 1

Patchstack
added 2012/11/20 12:0 a.m., 9 views

WordPress Facebook Survey Plugin 1.0 - SQL Injection

This WordPress Facebook Survey plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution: Filter the "id" input or use the intval PHP function to make sure...

AI score 3.1
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2003/01/17 5:0 a.m., 17 views

CVE-2002-1399

Unknown vulnerability in cashout and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cashout2...

CVSS 10, AI score 6.7, EPSS 0.00458
Exploits: 0, References: 3

CVE
added 2003/01/08 5:0 a.m., 47 views

CVE-2002-1399

The CVE-2002-1399 entry concerns PostgreSQL up to version 7.2.2, with the cash_out function (and possibly other functions) affected by a flaw likely caused by processing an invalid integer input as a different data type. This vulnerability is described as unknown impact in the primary CVE record,...

CVSS 10, AI score 6.7, EPSS 0.00458
Exploits: 0, References: 3, Affected Software: 1