CVE-2009-4535

Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / slash character to the URI...

EUVD-2017-16773

Malware in sbrugna...

CVE-2023-31069

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

CVE-2019-9950

Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The loginmgr.cgi file checks credentials...

CMSeeK v1.0.5 - CMS Detection And Exploitation Suite

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.5 19-07-2018 - Version 1.0.4...

CMSeeK - CMS Detection And Exploitation Suite

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.0 15-06-2018 Functions Of CMSeek:...

nginx information leak

It's possible to access page source code by adding 20 to URI...

CVE-2009-3544

CVE-2009-3544 affects Xerver HTTP Server 4.32. A remote attacker can disclose the source of a web page by sending a crafted HTTP request with ::$DATA appended after the filename, leading to information disclosure. Multiple sources (NVD/OpenVAS/Seebug) confirm the vulnerability and its impact as s...

Cross site scripting

The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote attackers to obtain potentially sensitive information page source code via a combination of ?script? and ?/script? sequences in the id field, possibly related to a cross-site scripting XSS vulnerability...

By URL spoofing install Trojan-vulnerability warning-the black bar safety net

URL spoofing the usual moves 1.＠ Flag filter user name resolution Originally＠flag is the E－mail address of the user name and host separator, but in my URL, the same applies, but function exactly the same. HTTP Hypertext Transfer Protocol, governs me the URL of the full format is“Http://Name:...