26 matches found
BIT-LIMESURVEY-2025-41074 Multiple vulnerabilities in Limesurvey
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denial of Service (DoS) attack by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
CVE-2025-41074
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denial of Service (DoS) attack by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
CVE-2025-41074
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denial of Service (DoS) attack by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
CVE-2025-41074
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denial of Service (DoS) attack by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
Infinite loop
Overview: limesurvey/limesurvey is a FOSS online survey tool on the web. Affected versions of this package are vulnerable to Infinite loop via the /optout endpoint, which triggers infinite HTTP redirects when accessed directly. An attacker can exhaust server or client resources by repeatedly...
CVE-2025-41074 Multiple vulnerabilities in Limesurvey
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denial of Service (DoS) attack by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
CVE-2025-41074
LimeSurvey 6.13.0 has a vulnerability in the /optout endpoint causing infinite HTTP redirects, which can exhaust server/client resources and lead to DoS or degraded service. Affected product: LimeSurvey (LimeSurvey/limesurvey). Root cause: infinite redirect loop when accessing /optout. Impact: po...
CVE-2025-41074 Multiple vulnerabilities in Limesurvey
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denial of Service (DoS) attack by exhausting server or client resources. The system is unable to break the redirect loop, which ca...
PT-2025-47569
Name of the Vulnerable Software and Affected Versions: LimeSurvey version 6.13.0. Description: A flaw exists in LimeSurvey version 6.13.0 within the /optout endpoint that results in infinite HTTP redirects when directly accessed. This can be leveraged to create a Denial of Service (DoS) attack by...
LimeSurvey Security Vulnerability
LimeSurvey (PHPSurveyor) is an open source online survey program from the LimeSurvey team that supports survey program development, survey distribution, and data collection. A security vulnerability exists in LimeSurvey version 6.13.0, which originates from the /optout endpoint resulting in an...
CVE-2025-12392
The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handleoptinoptout' function in all versions up to, and including, 2.0.25. This makes it possible for unauthenticated attackers to op...
CVE-2025-12391
The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...
EUVD-2025-197962
The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handleoptinoptout' function in all versions up to, and including, 2.0.22. This makes it possible for unauthenticated attackers to op...
EUVD-2025-197958
The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...
CVE-2025-12391
The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...
CVE-2025-12391 Restrictions for BuddyPress <= 1.5.2 - Missing Authorization to Unauthenticated Tracking Status Update
The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...
CVE-2025-12392 Cryptocurrency Payment Gateway for WooCommerce <= 2.0.25 - Missing Authorization to Unauthenticated Tracking Status Update
The Cryptocurrency Payment Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handleoptinoptout' function in all versions up to, and including, 2.0.25. This makes it possible for unauthenticated attackers to op...
Coinhive JavaScript Miner Detection
This script reports if a web page of the remote host contains code from the Coinhive JavaScript Miner. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier:...
optout-xjql.net XSS vulnerability
Vulnerable URL: http://www.optout-xjql.net/o-dtdz-l44-b7a0c3833a874e1449512d632a79d06f?email=john%40hotmail.com%22%3E%3Cscript%3Ealert%28%27OpenBugBounty%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 16.10.2017 Vulnerability type:| XSS Vulnerability...
3S CoDeSys Gateway Server Crafted Packet Stack Overflow
Added: 04/29/2013 CVE: CVE-2012-4708 BID: 58032 OSVDB: 90371 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The Gateway Server listens on TCP port 1211. Problem 3S CoDeSys Gatew...