PT-2026-42559

Concrete CMS 9.5.0 and below is vulnerable to IDOR. The /ccm/frontend/conversations/message detail endpoint returns the full content of any conversation message. An unauthenticated attacker can enumerate all conversation messages, including messages from restricted pages, member-only areas, and t...

EUVD-2026-30835

The /api/v1/autotranslate.translateMessage endpoint in versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12 allows any authenticated user to retrieve the full content of any message from any room private groups, direct messages, channels by simply providing the target message ID...

PT-2022-15438 · Ibm · Ibm Security Verify Governance

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Governance, Identity Manager version 10.01 Description: A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further...

Threat Outbreak Alert RuleID32460: Email Messages Distributing Malicious Software on April 13, 2018

Medium Alert ID: 57481 First Published: 2018 April 13 19:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32460 may contain the following files: Name | Si...

CVE-2015-0862

Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...

CVE-2015-0862

Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...

CVE-2015-0862

Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...

Webdrivers Simple Forum - 'message_details.php' SQL Injection

!perl use IO::Socket; Download:http://www.thewebdrivers.com/forum.zip By:Bl0od3r Germany = if @ARGVnewProto="tcp",PeerAddr="$host",PeerPort=80 or die "-Error\n"; print "Connecting!\n"; print "Getting Data!\n"; print $socket "GET...