CVE-2023-49782

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server richdocumentscode release 23.5.601...

CVE-2025-66208

CVE-2025-66208 affects Collabora Online – Built-in CODE Server (richdocumentscode proxy). The vulnerability is a configuration-dependent OS command injection (RCE) in the richdocumentscode proxy present in versions prior to 25.04.702, exploitable by attackers via proxy.php and an intermediate rev...

CVE-2025-13588

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

CVE-2025-13588 lKinderBueno Streamity Xtream IPTV Player proxy.php server-side request forgery

A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and...

EUVD-2007-6714

Malware in sbrugna...

EUVD-2014-1920

Malware in sbrugna...

EUVD-2013-6682

Malware in sbrugna...

EUVD-2019-19011

Malware in sbrugna...

EUVD-2024-16104

Malicious code in bioql PyPI...

EUVD-2023-53703

Malicious code in bioql PyPI...

CVE-2023-48314

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server richdocumentscode...

CVE-2019-9642

An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created by the guest account, with execution via a...

CVE-2024-0308 Inis Proxy.php server-side request forgery

A vulnerability was found in Inis up to 2.0.1. It has been rated as critical. This issue affects some unknown processing of the file app/api/controller/default/Proxy.php. The manipulation of the argument purl leads to server-side request forgery. The attack may be initiated remotely. The exploit...

PT-2024-15459 · Inis · Inis

Name of the Vulnerable Software and Affected Versions: Inis versions up to 2.0.1 Description: A critical issue affects some unknown processing of the file app/api/controller/default/Proxy.php. The manipulation of the argument p url leads to server-side request forgery. The attack may be initiated...

Inis Code Issues Vulnerabilities

Inis is a web application. A code issue vulnerability exists in Inis 2.0.1 and earlier versions, which stems from a server request forgery SSRF vulnerability in the file app/api/controller/default/Proxy.php...

CVE-2023-49782

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server richdocumentscode release 23.5.601...

CVE-2023-48314 Unescaped passing of the request URL in Collabora Online

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server richdocumentscode...

PT-2023-5342 · Librey · Librey

Name of the Vulnerable Software and Affected Versions: LibreY versions prior to commit 8f9b9803f231e2954e5b49987a532d28fe50a627 Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability in the image proxy.php file. This vulnerability allows remote attackers to use the...

K03861222: ExtJS vulnerability CVE-2007-2285

Security Advisory Description Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 Ext JS allows remote attackers to read arbitrary files via a .. dot dot in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might ...

CVE-2018-25071

A vulnerability was found in roxlukas LMeve up to 0.1.58. It has been rated as critical. Affected by this issue is the function insertlog of the file wwwroot/ccpwgl/proxy.php. The manipulation of the argument fetch leads to sql injection. Upgrading to version 0.1.59-beta is able to address this...