16 matches found
CVE-2025-67078
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
CVE-2025-67078
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
CVE-2025-67078
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
PT-2026-3023
Name of the Vulnerable Software and Affected Versions Omnispace Agora Project versions prior to 25.10 Description A cross site scripting XSS issue exists in Omnispace Agora Project. This allows attackers to execute arbitrary code through the notify parameter of the file controller, which is used ...
EUVD-2026-2752
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
CVE-2025-67078
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
CVE-2025-67078
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
CVE-2025-67078
Omnispace Agora Project contains a Cross Site Scripting (XSS) vulnerability in versions prior to 25.10. The issue arises in the file controller’s notify parameter used to display errors, enabling an attacker to execute arbitrary code in the context of the affected user. The CVE is documented acro...
CVE-2025-67078
Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...
CVE-2025-5228
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpdgetparm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated with...
D-Link DI-8100 安全漏洞
The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. The D-Link DI-8100 suffers from a buffer overflow vulnerability that originates from the parameter notify in the file /login.cgi that fails to correctly validate the leng...
CVE-2024-52757
D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arpsysasp function...
PT-2024-8597 · D Link · D-Link Di-8003
Name of the Vulnerable Software and Affected Versions: D-LINK DI-8003 version 16.07.16A1 Description: The issue is related to a buffer overflow in the arp sys asp function when processing the notify parameter. This can be exploited by a remote attacker to cause a buffer overflow. Recommendations:...
CVE-2024-52757
CVE-2024-52757 affects D-LINK DI-8003 (firmware v16.07.16A1). The vulnerability is a buffer overflow in the arp_sys_asp function when processing the notify parameter, which can allow a remote attacker to crash the service or potentially execute arbitrary code, depending on context in different so...
CVE-2024-52757
D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify parameter in the arpsysasp function...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 notify or 2 blog parameter...