3 matches found
GHSA-8689-GM9G-JGR6 OpenClaw: Voice-call Plivo V3 webhook replay key uses unsorted URL, allowing replay via query-parameter reordering
Summary: Plivo V3 signature verification canonicalized query ordering, but replay detection hashed the raw verification URL. Reordering query parameters preserved a valid signature while producing a fresh replay-cache key. Impact: An attacker who captured one valid signed Plivo V3 webhook could...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a parameter ordering error that could lead to a null pointer dereference...
NFLPick-Em.com SQL injection vulnerability
NFLPick-Em.com is a dice rolling game by ummmmm individual developers. A SQL injection vulnerability exists in versions of NFLPick-Em.com prior to 2.2.x. The vulnerability originates in the function LoadUsers in the file html/includes/runtime/admin/JSON/LoadUsers.php, where manipulation of the...