4 matches found
CVE-2025-63725
Reflected Cross-Site Scripting XSS vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php...
Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services
An out-of-bounds read vulnerability in the Squirrel programming language lets attackers break out of sandbox restrictions and execute arbitrary code within a Squirrel virtual machine VM, thus giving a malicious actor complete access to the underlying machine. Given where Squirrel lives – in games...
Squirrel Sandbox Escape allows Code Execution in Games and Cloud Services
SquirrelLang is an interpreted, open-source programming language that is used by video games and cloud services for customization and plugin development. For example, the extremely popular game Counter-Strike: Global Offensive CS:GO attracts millions of players on a monthly basis and utilizes the...
CVE-2009-2781
CVE-2009-2781 describes an SQL injection in Arab Portal 2.x/forum.php where remote authenticated users can inject via the qc parameter in an addcomment action (when magic_quotes_gpc is disabled). This is a distinct vector from CVE-2006-1666. Affected: Arab Portal 2.x/2.0.1 stable forum.php compon...