WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting

WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php. id: CVE-2017-17059 info: name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress...

CVE-2026-48599 Authorization bypass via path binding override in elixir-grpc/grpc HTTP transcoding

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In...

EUVD-2026-37013

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In...

PT-2026-49532

Name of the Vulnerable Software and Affected Versions elixir-grpc versions 0.8.0 through 0.9.x Description Authenticated attackers can access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. This occurs in...

[SECURITY] Fedora 44 Update: vmod-querystring-2.0.3-13.fc44

The purpose of this module is to give you a fine-grained control over a URL's query-string in Varnish Cache. It's possible to remove the query-string, clean it, sort its parameters or filter it to only keep a subset of them. This can greatly improve your hit ratio and efficiency with Varnish,...

EUVD-2026-32606

Budibase: Unanchored Regex in matchers.ts Allows CSRF Bypass via Query String Injection in Budibase Worker...

Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker

Summary The buildMatcherRegex / matches functions in packages/backend-core/src/middleware/matchers.ts share the same structural root cause as the recently patched CVE-2026-31816: route patterns are compiled into unanchored regular expressions and tested against ctx.request.url, which includes the...

GHSA-WXQ7-X3QP-VCR8 Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker

Summary The buildMatcherRegex / matches functions in packages/backend-core/src/middleware/matchers.ts share the same structural root cause as the recently patched CVE-2026-31816: route patterns are compiled into unanchored regular expressions and tested against ctx.request.url, which includes the...

GHSA-MRHX-6PW9-Q5FH PhoenixStorybook has cross-session PubSub topic injection via URL parameter

Summary The storybook iframe LiveView accepts a PubSub topic from the URL query string and broadcasts its own pid onto that topic with no check that the topic belongs to the current session. Any unauthenticated visitor who knows or guesses another user's playground topic can hijack the...

GHSA-FQC7-9XJW-JRH3 SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch

Description CVE-2024-50340 GHSA-x8vp-gf4q-mw5j addressed an issue where, with registerargcargv=On, a crafted query string let an unauthenticated GET change the kernel environment and debug flag by feeding --env/--no-debug through $SERVER'argv'. The fix shipped in symfony/runtime 5.4.46 / 6.4.14 /...

PT-2026-48343

Description CVE-2024-50340 GHSA-x8vp-gf4q-mw5j addressed an issue where, with register argc argv=On, a crafted query string let an unauthenticated GET change the kernel environment and debug flag by feeding --env/--no-debug through $ SERVER'argv'. The fix shipped in symfony/runtime 5.4.46 / 6.4.1...

Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

CVE-2026-48147

Budibase is an open-source low-code platform. Prior to 3.35.4, the buildMatcherRegex / matches functions in packages/backend-core/src/middleware/matchers.ts route patterns are compiled into unanchored regular expressions and tested against ctx.request.url, which includes the full query string. Th...

CVE-2026-41428

Budibase is an open-source low-code platform. Prior to 3.35.4, the authenticated middleware uses unanchored regular expressions to match public no-auth endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint ...

ROS-20260605-73-0020

The vulnerability in Portainer-Ce relates to the disclosure of information through query strings. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2026-30923

A flaw was found in libModSecurity3, a component of the ModSecurity web application firewall WAF. An attacker can exploit a segmentation fault by sending a specially crafted query string parameter containing a single character, which is then processed by a rule using the t:hexDecode transformatio...

CVE-2026-35906

An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allows unauthenticated attackers to execute arbitrary system commands as root via supplying a crafted HTTP query string...

CVE-2026-9757

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in qs (CVE-2025-15284, CVE-2026-2391)

Summary Multiple vulnerabilities in the qs query string parsing library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 6.14.2. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules...

CVE-2026-9757

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...