8 matches found
eventsource-encoder Injection Vulnerability
eventsource-encoder is a server-side event encoding tool developed by Espen Hovlandsdal. Versions of eventsource-encoder prior to 1.0.2 contained an injection vulnerability. This vulnerability stemmed from the lack of sanitization of the event or ID fields during serialization of an EventSourceMessage. An...
CVE-2026-44928
In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...
CVE-2026-44928
In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...
Uriparser Security Vulnerability
UriParser is a C89-compatible library for parsing and processing URIs, strictly conforming to RFC 3986 standards. Versions of UriParser prior to 1.0.2 contained security vulnerabilities; these vulnerabilities stemmed from the EqualsUri function potentially incorrectly classifying two unequal URIs...
Drupal POST File module < 1.0.2 - Unauthenticated Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery (CSRF) vulnerability discovered by Pierre Rudloff in WordPress Module POST File versions 1.0.2...
CVE-2023-6677
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oduyo Financial Technology Online Collection allows SQL Injection. This issue affects Online Collection: before v.1.0.2...
CVE-2023-1765
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2...
Siemens SIMATIC WinCC Sm@rtClient app Information Disclosure Vulnerability
Siemens SIMATIC WinCC is a monitoring control and data acquisition (SCADA) and HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC Sm@rtClient app versions prior to 1.0.2, which allows an attacker to discover Sm@rtServer credentials by exploiting an error in the...