1115 matches found
Vivotek SD9364 Command Injection Vulnerability
Vivotek SD9364 is a high-speed camera from China's VIVOTEK Communications (Vivotek). A command injection vulnerability exists in Vivotek SD9364 version VVTK-0103f; it stems from the QUERYSTRING parameter in the file uploadfile.cgi, which can lead to command injection...
Vivotek IB8367A Command Injection Vulnerability
Vivotek IB8367A is a network camera from China's VIVOTEK Communications (Vivotek). Vivotek IB8367A version VVTK-0100b suffers from a command injection vulnerability that stems from the QUERYSTRING parameter in the file uploadfile.cgi, which can lead to command injection...
Vivotek CC8160 Security Vulnerability
The Vivotek CC8160 is a 2MP highly striped network camera from China's VIVOTEK Communications (Vivotek). A security vulnerability exists in Vivotek CC8160 version VVTK-0100d; it stems from the QUERYSTRING parameter in the file uploadfile.cgi, which can lead to command injection...
The vulnerability of the IBM InfoSphere Information Server software platform, related to the disclosure of information through query strings, allows attackers to gain unauthorized access to protected information.
The vulnerability of the IBM InfoSphere Information Server software platform relates to the disclosure of information through query strings. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
PYSEC-2024-86
Wagtail is an open source content management system built on Django. A bug in Wagtail's `parse_query_string` would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, `parse_query_string` would take an unexpectedl...
GHSA-JMP3-39VP-FWG8 Wagtail regular expression denial-of-service via search query parsing
Impact: A bug in Wagtail's `parse_query_string` would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, `parse_query_string` would take an unexpectedly large amount of time to process, resulting in a denial of...
PT-2024-28441 · Wagtail · Wagtail
Name of the Vulnerable Software and Affected Versions: Wagtail versions prior to 5.2.6; Wagtail versions prior to 6.0.6; Wagtail versions prior to 6.1.3. Description: A bug in Wagtail's parse query string function would result in it taking a long time to process suitably crafted inputs, leading to a...
Torchbox Wagtail Security Breach
Torchbox Wagtail is an open source content management system (CMS) from Torchbox, UK. A security vulnerability exists in Torchbox Wagtail versions 5.2.6, 6.0 through 6.0.5, and 6.1 through 6.1.2, which stems from an error in `parse_query_string` that causes it to take a long time to process appropriatel...
CVE-2024-36829
Incorrect access control in Teldat M1 v11.00.05.50.01 allows attackers to obtain sensitive information via a crafted query string...
Teldat M1 Security Vulnerability
Teldat M1 is a compact modular router from Teldat, Poland. A security vulnerability exists in Teldat M1 version v11.00.05.50.01. An attacker can exploit the vulnerability to obtain sensitive information via a specially crafted query string...
CVE-2024-36829
CVE-2024-36829 affects Teldat M1, version v11.00.05.50.01. The vulnerability is an incorrect access control issue that allows an attacker to obtain sensitive information through a crafted query string. The available sources confirm the affected product/version and the nature of the access control...
Malicious code in query-string-cjs (npm)
MAL-2024-2912 Malicious code in query-string-cjs (npm)
GHSA-JQ87-2WXP-8349 ZendFramework Route Parameter Injection Via Query String in `Zend\Mvc`
In Zend Framework 2, Zend\Mvc\Router\Http\Query is used primarily to allow appending query strings to URLs when assembled. However, due to the fact that it captures any query parameters into the RouteMatch, and the fact that RouteMatch parameters are merged with any parent routes, this can lead t...
PT-2024-40041 · Silverstripe · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: SilverStripe framework (affected versions not specified). Description: A high-level XSS issue has been found in the SilverStripe framework. It affects how links with hash anchors are rewritten. The rewriteHashlinks option in SSViewer rewrites...
Open Redirect
drupal/drupal is vulnerable to Open Redirect. The vulnerability is due to the insecure handling of the "destination" query string parameter in Drupal core and contributed modules. This allows malicious users to craft URLs that redirect unsuspecting users to third-party websites...
GHSA-X6V2-XMRQ-574J Drupal Anonymous Open Redirect
Drupal core and contributed modules frequently use a "destination" query string parameter in URLs to redirect users to a new destination after completing an action on the current page. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users int...
GHSA-GFVF-2F25-F34R Drupal Anonymous Open Redirect
Drupal core and contributed modules frequently use a "destination" query string parameter in URLs to redirect users to a new destination after completing an action on the current page. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users int...