6 matches found
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the CEL-based HTTP functions. An attacker can make unauthorized network requests to internal or external resources and exfiltrate sensitive information (AWS IAM credentials, GCP tokens) by crafting...
Special characters break path parsing in XML functions
...
postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes
A flaw was found in PostgreSQL. This vulnerability allows incorrect row-level security policies to be applied via subqueries, WITH queries, security invoker views, or SQL-language functions that reference tables with row-level security policies. This issue arises when a query is planned under one...
Denial Of Service (DoS)
postgresql is vulnerable to denial of service. Two flaws were found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands that could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user...
PhpReactor 1.2.7pl1 (pathtohomedir) Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications. PhpReactor 1.2.7pl1 pathtohomedir Remote Inclusion Vulnerability. phpreactor 1.2.7 pl 1 pathtohomedir...
PhpReactor 1.2.7pl1 (pathtohomedir) Remote Inclusion Vulnerability
No description provided by source. www.system-defacers.org. Found By CeNGiZ-HaN. phpreactor 1.2.7 pl 1 pathtohomedir inclusion vulnerability. Vulnerable Code in editprofile.php: //INCLUDE DB FUNCTIONS if (!defined("REACTORINCDB")) include($pathtohomedir."/inc/db.inc.php");...