1115 matches found

OSV · added 2020/09/01 3:28 p.m. · 25 views

GHSA-7F59-X49P-V8MQ Cross-Site Scripting in swagger-ui

Affected versions of swagger-ui are vulnerable to cross-site scripting in both the consumes and produces parameters of the swagger JSON document for a given API. Additionally, swagger-ui allows users to load arbitrary swagger JSON documents via the query string parameter url, allowing an attacker...

AI score 6 · EPSS 0.00713 · Exploits 0 · References 5
OSV · added 2020/06/22 6:15 p.m. · 1 view

CVE-2020-14973

The loginForm within the general/login.php webpage in webTareas 2.0p8 suffers from a reflected cross-site scripting (XSS) vulnerability via the query string...

CVSS 6.1 · AI score 6.4 · EPSS 0.01159 · Exploits 1 · References 2
Gitee · added 2020/06/02 11:19 a.m. · 14 views

Exploit for Out-of-bounds Write in Php

This is an exploit module for the php-fpm bug CVE-2019-11043. The bug can be triggered remotely in certain nginx + php-fpm configurations, allowing a web user to execute code when the vulnerable configuration is present. The exploit targets PHP 7+ and works by appending a specially...

CVSS 9.8 · AI score 7.4 · EPSS 0.9947 · Exploits 54
OSV · added 2020/05/04 1:15 p.m. · 25 views

CVE-2019-17557

It was found that the Apache Syncope EndUser UI login page prior to 2.0.15 and 2.1.6 reflects the successMessage parameter. By this means, a user accessing the EndUser UI could execute JavaScript code from the URL query string...

CVSS 5.4 · AI score 7.1 · Exploits 0 · References 1
NVD · added 2020/05/04 1:15 p.m. · 15 views

CVE-2019-17557

It was found that the Apache Syncope EndUser UI login page prior to 2.0.15 and 2.1.6 reflects the successMessage parameter. By this means, a user accessing the EndUser UI could execute JavaScript code from the URL query string...

CVSS 5.4 · AI score 5.6 · EPSS 0.0122 · Exploits 0 · References 1
vulnersOsv · added 2020/04/30 5:16 p.m. · 2 views

@appirio/salesforce (>=0.5.9 <=2.0.1), @artemis-prime/facebook-messenger-bot (=1.0.1) +205 more potentially affected by CVE-2017-1000048 via qs (>=6.1.0 <=6.1.1)

qs NPM version =6.1.0, =0.5.9, =1.1.25, =1.0.88, =1.1.7, =1.3.20, =16.1.4, =0.0.1, =2.0.1, =1.0.0, =1.0.6; @mshksdk/design =0.0.2 and more. Source CVEs: CVE-2017-1000048. Source advisory: OSV:GHSA-GQGV-6JQ5-JJJ9...

CVSS 7.5 · AI score 6.7 · EPSS 0.02395 · Exploits 0
RedhatCVE · added 2020/04/24 8:33 a.m. · 52 views

CVE-2019-12520

A flaw was found in squid. The absolute URL of a request can include the decoded UserInfo username and password for certain protocols. This decoded info may contain special characters that delimit the domain, so that the rest of the URL is treated as a path or query string. An attacker could first make a...

CVSS 5 · AI score 1.8 · EPSS 0.03935 · Exploits 0 · References 4
Prion · added 2020/04/13 4:15 p.m. · 15 views

Open redirect

Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string...

CVSS 5.8 · AI score 6.3 · EPSS 0.00915 · Exploits 0 · References 4 · Affected software 1
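The rurl=//example.com trick in the entry above works because a protocol-relative URL has no scheme for a naive "starts with http" check to reject, yet the browser resolves it against the current scheme and leaves the site. The validator below is an added example (not Stormshield code; the parameter name rurl and the default landing path are assumptions) showing the check a captive portal or login page should apply before redirecting: accept only rooted, same-site paths and refuse anything with a scheme, an authority, a backslash variant that browsers normalise to //, or control characters.

```python
from urllib.parse import urlsplit

# Assumed: the portal reads the post-login target from a query parameter
# called "rurl" and falls back to "/" when the value is not acceptable.
DEFAULT_LANDING = "/"


def is_safe_redirect(target: str) -> bool:
    """Return True only for a rooted path on the current site.

    Rejected:
      * absolute URLs with a scheme  (https://example.com/, javascript:...)
      * protocol-relative URLs       (//example.com), the bypass from the advisory
      * backslash variants           (/\\example.com), which browsers treat as //
      * C0 control characters or DEL, which confuse URL parsers and can inject headers
      * anything not starting with a single "/", so "../" and bare hostnames never pass
    """
    if not target:
        return False
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    # Browsers treat "\" as "/" in the authority position; normalise before parsing.
    normalised = target.replace("\\", "/")
    parts = urlsplit(normalised)
    if parts.scheme or parts.netloc:
        return False
    # urlsplit("//") yields an empty netloc, so check the prefix explicitly as well.
    if normalised.startswith("//") or not normalised.startswith("/"):
        return False
    return True


def redirect_target(rurl: str) -> str:
    """Resolve the rurl query parameter to a target the portal may safely use."""
    return rurl if is_safe_redirect(rurl) else DEFAULT_LANDING


if __name__ == "__main__":
    for candidate in ["/portal/home?tab=1", "//example.com", "https://example.com",
                      "/\\example.com", "javascript:alert(1)"]:
        print(f"{candidate!r:28} -> {redirect_target(candidate)!r}")
```

The allow-list shape matters: rejecting known-bad prefixes (http://, https://) is exactly what //example.com sidesteps, so the check instead requires the one shape that is known to be local, a single leading slash with no scheme or authority after normalisation.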
RedHat Linux · added 2020/04/07 9:36 a.m. · 3 views

python: CRLF injection via the query part of the url passed to urlopen()

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the query string after a ? charact...

CVSS 6.1 · AI score 6.7 · EPSS 0.05372 · Exploits 1 · References 4
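The entry above describes raw \r\n in the query part of a URL reaching the HTTP request line, where it terminates the line and lets the attacker append headers. The block below is an added example, not code from the Python project or the advisory, showing the two defences a caller of urlopen() should have regardless of interpreter version: build query strings with urlencode() so control characters are percent-encoded, and refuse URLs that still contain them. It also shows, without opening a socket, how the patched http.client rejects such a path (HTTPConnection.putrequest only serialises the request line; nothing is sent before endheaders()). The hostname and parameter names are constructed for the example.

```python
import http.client
import re
from urllib.parse import urlencode, urlsplit

# CR, LF, the other C0 controls and DEL must never appear raw in a request line.
# Patched interpreters (3.7.4+ / 2.7.17+) reject them inside http.client; checking
# here keeps the failure in our own code path and protects older runtimes too.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def validate_request_url(url: str) -> str:
    """Return url unchanged if it is safe to hand to urlopen(), else raise ValueError."""
    if _CONTROL.search(url):
        raise ValueError("control character in URL")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("URL must be absolute http(s) with a host")
    return url


def is_valid_request_url(url: str) -> bool:
    try:
        validate_request_url(url)
        return True
    except ValueError:
        return False


def build_query_url(base: str, params: dict) -> str:
    """Attach untrusted values as a query string with every byte outside the
    safe set percent-encoded, so "\r\n" becomes "%0D%0A" and cannot end a line."""
    return f"{base}?{urlencode(params)}"


def library_accepts_path(path: str) -> bool:
    """Feed a request path to http.client without network access.

    Returns True if putrequest() accepted it, False if it raised InvalidURL,
    which is what a patched interpreter does for raw control characters.
    """
    conn = http.client.HTTPConnection("example.com")  # constructed host; never connected
    try:
        conn.putrequest("GET", path)
        return True
    except http.client.InvalidURL:
        return False
    finally:
        conn.close()


if __name__ == "__main__":
    hostile = "1\r\nX-Injected: 1"                       # attacker-controlled parameter value
    naive = "http://example.com/search?q=" + hostile      # the vulnerable concatenation
    safe = build_query_url("http://example.com/search", {"q": hostile})
    print("naive URL accepted:", is_valid_request_url(naive))
    print("encoded URL accepted:", is_valid_request_url(safe), safe)
    print("http.client takes raw CRLF path:", library_accepts_path("/search?q=" + hostile))
```

Only a URL that passes validate_request_url() should reach urllib.request.urlopen(); the encoding step is the actual fix, since the validation merely makes the failure loud.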
RedhatCVE · added 2020/04/03 8:00 p.m. · 24 views

CVE-2020-8823

A cross-site scripting (XSS) vulnerability was found in the Node.js library sockjs. An attacker could use this vulnerability to supply a query string with script tags, which could trick a victim into executing specially crafted JavaScript code...

CVSS 6.1 · AI score 2.6 · EPSS 0.0184 · Exploits 1 · References 4
CNVD · added 2020/03/25 12:00 a.m. · 1 view

Com_hdwplayer Search.php SQL Injection Vulnerability

Joomla! is a content management system written in PHP that uses a MySQL database. The Joomla! Com_hdwplayer component's Search.php suffers from a SQL injection vulnerability, which an attacker can exploit to trick the server into executing malicious SQL commands by inserting SQL commands...

AI score 8.1 · Exploits 0 · References 1
CNVD · added 2020/03/09 12:00 a.m. · 1 view

PHP-FPM Remote Code Execution Vulnerability (CNVD-2020-25851)

PHP-FPM is a PHP FastCGI process manager. A remote code execution vulnerability exists in PHP-FPM. An attacker can execute code via query string parameters...

AI score 8.4 · Exploits 0 · References 1
Prion · added 2020/02/12 1:15 a.m. · 21 views

Authentication flaw

Barracuda Web Application Firewall WAF 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string...

CVSS 7.5 · AI score 7.4 · EPSS 0.16476 · Exploits 2 · References 7 · Affected software 1
Cvelist · added 2019/12/31 7:52 p.m. · 17 views

CVE-2004-2776

go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter...

AI score 9.9 · EPSS 0.03563 · Exploits 1 · References 3
CVE · added 2019/10/23 4:27 p.m. · 51 views

CVE-2019-16977

CVE-2019-16977 affects FusionPBX

CVSS 6.1 · AI score 6.2 · EPSS 0.00655 · Exploits 0 · References 2 · Affected software 1
OSV · added 2019/10/22 10:15 p.m. · 3 views

CVE-2019-16973

In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS...

CVSS 6.1 · AI score 6.8 · Exploits 0 · References 2
Positive Technologies · added 2019/10/22 12:00 a.m. · 3 views

PT-2019-14893 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: FusionPBX versions up to 4.5.7. Description: The issue concerns the use of an unsanitized query string variable in the file app\contacts\contact_edit.php, which is reflected in HTML and leads to a cross-site scripting (XSS) issue. This occurs when...

CVSS 6.1 · AI score 5.8 · EPSS 0.00824 · Exploits 0 · References 5
NVD · added 2019/10/21 4:15 p.m. · 22 views

CVE-2019-16987

In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS...

CVSS 6.1 · AI score 6.3 · EPSS 0.00824 · Exploits 0 · References 2
Positive Technologies · added 2019/10/21 12:00 a.m. · 3 views

PT-2019-14908 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: FusionPBX versions prior to 4.5.8. Description: The issue concerns the use of an unsanitized query string variable in the contact_import.php file, which is reflected in HTML. This leads to a cross-site scripting (XSS) issue, allowing potential...

CVSS 6.1 · AI score 5.9 · EPSS 0.00824 · Exploits 0 · References 4
Prion · added 2019/10/17 8:15 p.m. · 12 views

Sql injection

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union-based injection query string through the search meeting room feature to obtain the database schema and username/password...

CVSS 5 · AI score 9.6 · EPSS 0.01211 · Exploits 0 · References 2 · Affected software 1