11 matches found
DEBIAN-CVE-2026-53537
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...
CVE-2026-41201 CI4MS: Backup Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM Blind XSS Version 2
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. In version 0.31.4.0, an attacker can achieve Full Account Takeover & Privilege Escalation via Stored DOM XSS in backup module filename field manipulated vi...
CVE-2026-5110
The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping in the SingleProduct field when used inside a Repeater field. When SingleProduct fields are...
PT-2026-23121
Name of the Vulnerable Software and Affected Versions IDC SFX2100 Satellite Receiver affected versions not specified Description The device sets the /etc/resolv.conf file to be world-writable, allowing any local user to modify DNS configuration. This can lead to DNS resolver tampering, potentiall...
International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞
The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has security vulnerabilities; these vulnerabilities stem from the...
PT-2026-5232
Name of the Vulnerable Software and Affected Versions Totolink A7000R version 4.1cu.4154 Description A flaw exists in the setUnloadUserData function within the /cgi-bin/cstecgi.cgi file of the affected product. Manipulation of the plugin name argument can lead to command injection. This allows fo...
CVE-2025-65031
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation endpoint allows authenticated users to impersonate any other user by altering the authorName field in the API request. This enables attackers to post comments...
O2OA 安全漏洞
O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which stems from cross-site scripting due to incorrect manipulation of the parameter name/alias in the file...
Directory Traversal
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Directory Traversal through the /models/upload endpoint. An attacker can manipulate the file.filename parameter to include directory traversal sequences, causing the resulting filepath to escape the intended...
CVE-2022-28864
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include malicious code, which is then downloaded as a .csv or .xlsx file and executed on a victim machine. Here, the...
Bank Locker Management System SQL注入漏洞
Bank Locker Management System is a bank locker management system. A SQL injection vulnerability exists in PHPGurukul Bank Locker Management System version 1.0, which stems from a problem with the file recovery.php, where manipulation of the parameter uname/mobile can lead to sql injection...