CVE-2025-69600

Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options...

CVE-2026-42224 ipl/web is vulnerable to reflected XSS by malformed search requests

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

CVE-2026-42224 ipl/web is vulnerable to reflected XSS by malformed search requests

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

ipl/web is vulnerable to reflected XSS by malformed search requests

Impact The vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. Patches Version 0.13.1 includes a fix for...

GHSA-55WF-5M3Q-6JJF ipl/web is vulnerable to reflected XSS by malformed search requests

Impact The vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. Patches Version 0.13.1 includes a fix for...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via malformed search requests. An attacker can execute arbitrary JavaScript in the context of the application by tricking a victim into visiting a specially crafted website. Workaround This vulnerability can be...

EUVD-2007-6698

Malware in sbrugna...

CVE-2001-0245

Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability...