Deserialization of untrusted data

A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqosexpressdevices/smartqosnormaldevices leads to deserialization. It is possible to...

CVE-2023-6580

CVE-2023-6580 concerns a deserialization vulnerability in the D-Link DIR-846 router (FW100A53DBR), specifically in the QoS POST Handler handling the file path /HNAP1/. The issue arises from unsafe deserialization when processing the arguments smartqos_express_devices and smartqos_normal_devices, ...

PT-2023-7503 · D Link · D-Link Dir-846

Name of the Vulnerable Software and Affected Versions: D-Link DIR-846 version FW100A53DBR Description: A critical vulnerability was found in the D-Link DIR-846 router, affecting an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the smartqos express devices...

CVE-2023-3793

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

Sql injection

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=saveitem of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...

PT-2023-25571 · Gz Scripts · Gz Scripts Vacation Rental Website

Name of the Vulnerable Software and Affected Versions: GZ Scripts Vacation Rental Website version 1.8 Description: A vulnerability was found in the HTTP POST Request Handler component, affecting some unknown functionality of the file /VacationRentalWebsite/property/8/ad-has-principes/. The...

Dental Clinic Appointment Reservation System 跨站脚本漏洞

Dental Clinic Appointment Reservation System is a Dental Clinic Appointment Reservation System by jkev Personal Developer. A cross-site scripting vulnerability exists in SourceCodester Dental Clinic Appointment Reservation System version 1.0 due to an unknown function in the file /admin/service.p...

CVE-2023-2694

A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. It is possible to initiate th...

PT-2023-16647 · Sourcecodester · Sourcecodester Music Gallery Site

Name of the Vulnerable Software and Affected Versions: SourceCodester Music Gallery Site version 1.0 Description: A critical issue affects the processing of the file Users.php in the POST Request Handler component, leading to improper access controls. The manipulation can be initiated remotely...

K15793: PHP Posthandler vulnerability CVE-2014-3622

Security Advisory Description A security vulnerability in the PHP scripting language may allow remote code execution by way of the Post Handler. CVE-2014-3622 - pending Impact None. F5 products do not use vulnerable versions of PHP. Security Advisory Status F5 Product Development has assigned ID...

CVE-2022-4596

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

CVE-2022-4596

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

CVE-2022-4596 Shoplazza Add Blog Post cross site scripting

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

PT-2022-27700 · Shoplazza · Shoplazza

Name of the Vulnerable Software and Affected Versions: Shoplazza version 1.1 Description: A problematic issue has been found in the processing of the file "/admin/api/admin/articles/" of the component Add Blog Post Handler. The manipulation of the Title argument leads to cross-site scripting. The...

PT-2022-35954 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to kprobes and ftrace. It involves skipping the clearing of aggrprobe's post handler in the kprobe-on-ftrace case. The actual impact and attack plausibility have not yet...

PT-2022-26540 · Unknown · House Rental System

Name of the Vulnerable Software and Affected Versions: House Rental System affected versions not specified Description: A critical vulnerability has been found in the House Rental System, affecting an unknown functionality of the file search-property.php of the component POST Request Handler. The...

PT-2022-24133 · Unknown · Flipbook Plugin

Name of the Vulnerable Software and Affected Versions: Flipbook Plugin affected versions not specified Description: A vulnerability was found in the Flipbook Plugin, affecting some unknown functionality of the file post.php of the component Edit Post Handler. The manipulation of the Shortcode...

Cross site scripting in Elefant CMS

A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...

GHSA-4453-G295-24MH Cross site scripting in Elefant CMS

A vulnerability, which was classified as problematic, was found in Elefant CMS 1.3.12-RC. This affects an unknown part of the component Blog Post Handler. The manipulation leads to basic cross site scripting Persistent. It is possible to initiate the attack remotely. Upgrading to version 1.3.13 i...