PortSwigger Web Security: Incomplete fix for CVE-2022-35406: meta-redirect content-type check bypassable via parameter injection

The fix for CVE-2022-35406 1541301 stops Burp from following a redirect when the response Content-Type/Content-Disposition would prevent HTML rendering. The check substring-matches html in the raw Content-Type instead of parsing the media type. A text/plain response can smuggle the token via a...

CVE-2018-25416 AiOPMSD Final 1.0.0 SQL Injection via country.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers can send GET requests to country.php with crafted SQL payloads in the country parameter to extrac...

EUVD-2018-21920

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frmpasswd parameter. Attackers can send POST requests to main.php with crafted SQL payloads to extract sensitive...

JetBrains TeamCity 参数注入漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...

Open ISES Project SQL注入漏洞

The Open ISES Project is an open-source information technology platform and resource platform for emergency service organizations developed by Open ISES. Version 3.30A of the Open ISES Project contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through...

AnythingLLM 参数注入漏洞

AnythingLLM is an integrated AI application open source by Mintplex. Versions of AnythingLLM prior to 1.13.0 had a parameter injection vulnerability. This vulnerability stemmed from the filesystem-search-files proxy skill directly passing mode parameters controlled by the LLM as position paramete...

pam_usb 参数注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained a parameter injection vulnerability. This vulnerability stems from the use of specially crafted UUIDs in configurations e.g., $id/tmp/rce,...

Lumiverse 参数注入漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a parameter injection vulnerability. This vulnerability stemmed from the MCP server creating endpoint validation commands without verifying the arg...

Lumiverse 参数注入漏洞

Lumiverse is a full-featured AI chat application suite developed by Prolix OCs’ individual developers. Versions of Lumiverse prior to 0.9.7 contained a parameter injection vulnerability. This vulnerability occurred when the toSmbPath call failed, resulting in a fallback to dirname/basename...

CVE-2026-9422 KLiK SocialMediaWebsite HTTP POST Request Parameter injection

A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2026-9420

CVE-2026-9420 affects KLiK SocialMediaWebsite 1.0 and is associated with the component handling HTTP GET Request Parameters . The issue is a parameter injection vulnerability in that handler, allowing a remote attacker to exploit it. The threat is supported by public exploitation activity. The CV...

CVE-2026-9420 KLiK SocialMediaWebsite HTTP GET Request Parameter injection

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-9420 KLiK SocialMediaWebsite HTTP GET Request Parameter injection

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2021-47967

PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can append malicious payloads to login.php, timeclock.php, audit.php, and timerpt.php endpoints, o...

Prefect 参数注入漏洞

Prefect is a workflow orchestration tool developed by Prefect OpenSource, enabling developers to build, monitor data pipelines, and respond to them. Version 3.6.18 of Prefect contains a parameter injection vulnerability. This vulnerability stems from the reference field in the GitHubRepository...

Smartshop SQL注入漏洞

Smartshop is an e-commerce website development template created by Ismail Ghallou. Version 1 of Smartshop has a SQL injection vulnerability. This vulnerability arises from injecting SQL code through the searched parameter in the search.php file. It may allow unauthenticated attackers to manipulat...

IINA 参数注入漏洞

IINA is an open-source modern macOS video player developed by IINA. Versions of IINA prior to 1.4.3 had a parameter injection vulnerability. This vulnerability stemmed from the lack of validation for the mpvoptions/input-commands parameter via the custom URL scheme iina://open. This allowed remot...

litemall 注入漏洞

Litemall is a small shopping system developed by Linlinjava’s individual developers. Versions of Litemall 1.8.0 and earlier had a injection vulnerability. This vulnerability stemmed from the function backup/load in the Database Setting Handler component’s file...

CVE-2026-44574 Next.js: Middleware / Proxy bypass through dynamic route parameter injection

Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the...

Deciso OPNsense 参数注入漏洞

Deciso OPNsense is a firewall and router operating system developed by the Dutch company Deciso. Versions of Decivo OPNsense prior to 26.1.7 contained a parameter injection vulnerability. This vulnerability stemmed from the XMLRPC method opnsense.restoreconfigsection, which failed to clean up the...