EUVD-2025-201097

Collabora Online - Built-in CODE Server richdocumentscode provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE OS Command Injection in richdocumentscode proxy. Users of Nextclou...

CVE-2025-13588

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

CVE-2025-13588 lKinderBueno Streamity Xtream IPTV Player proxy.php server-side request forgery

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

EUVD-2025-198624

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

PT-2025-47889

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

Linux Distros Unpatched Vulnerability : CVE-2019-9642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by...

Collabora Online Cross-Site Scripting Vulnerability

Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A cross-site scripting vulnerability exists in Collabora Online versions prior to 23.5.601 that stems from vulnerability to...

PT-2023-10812

Name of the Vulnerable Software and Affected Versions roxlukas LMeve versions up to 0.1.58 Description A critical issue affects the function insert log of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to SQL injection. Recommendations For versions up to 0.1.58,...

PT-2017-5750 · Joomla · Joomla! Googlemaps Plugin

Name of the Vulnerable Software and Affected Versions: Joomla Googlemaps plugin versions prior to 3.1 Description: The issue allows remote attackers to cause a denial of service. This can be achieved via the url parameter to the "plugin googlemap2 proxy.php" endpoint. Recommendations: For version...

Trend Micro OfficeScan 'Proxy.php' Command Injection Vulnerability

Trend Micro OfficeScan is a suite of distributed anti-virus software from Trend Micro. A command injection vulnerability exists in Trend Micro OfficeScan version 11 and XG 12. A remote attacker could exploit this vulnerability to execute arbitrary code...

Wordpress google-adsense-and-hotel-booking plugin denial of service vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language. google-adsense-and-hotel-booking is one of the ads automatically inserted and hotel booking plugin. A denial of service vulnerability exists in the...