1115 matches found

VulnCheck KEV
added 2018/07/24 12:00 a.m. | 1 view

VulnCheck KEV: CVE-2025-34051

A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgiquery endpoint without authentication. An attacker can manipulate the ip, port, and queryb64str parameters to make arbitrary HTTP...

6.9 CVSS | 5.9 AI score | 0.0051 EPSS
Exploits 0 | References 1
NVD
added 2018/07/23 4:29 p.m. | 15 views

CVE-2018-1999022

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's setOptions method, HTML_QuickForm_element's findValue method, and HTML_QuickForm_element's prepareValue method that can...

9.8 CVSS | 9.7 AI score | 0.02209 EPSS
Exploits 0 | References 2
UbuntuCve
added 2018/07/23 4:29 p.m. | 18 views

CVE-2018-1999022

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's setOptions method, HTML_QuickForm_element's findValue method, and HTML_QuickForm_element's prepareValue method that can...

9.8 CVSS | 7.4 AI score | 0.02209 EPSS
Exploits 0 | References 3
Prion
added 2018/07/23 4:29 p.m. | 15 views

Design/Logic Flaw

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's setOptions method, HTML_QuickForm_element's findValue method, and HTML_QuickForm_element's prepareValue method that can...

7.5 CVSS | 9.6 AI score | 0.02209 EPSS
Exploits 0 | References 2 | Affected Software 2
OSV
added 2018/07/23 4:29 p.m. | 20 views

CVE-2018-1999022

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's setOptions method, HTML_QuickForm_element's findValue method, and HTML_QuickForm_element's prepareValue method that can...

9.8 CVSS | 7.1 AI score
Exploits 0 | References 2
Debian CVE
added 2018/07/23 4:00 p.m. | 13 views

CVE-2018-1999022

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's setOptions method, HTML_QuickForm_element's findValue method, and HTML_QuickForm_element's prepareValue method that can...

9.8 CVSS | 9.7 AI score | 0.02209 EPSS
Exploits 0
Cvelist
added 2018/07/23 4:00 p.m. | 20 views

CVE-2018-1999022

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's setOptions method, HTML_QuickForm_element's findValue method, and HTML_QuickForm_element's prepareValue method that can...

9.7 AI score | 0.02209 EPSS
Exploits 0 | References 2
GitLab Advisory Database
added 2018/07/23 12:00 a.m. | 18 views

Improper query string handling in Django

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

4 CVSS | 5.3 AI score | 0.01697 EPSS
Exploits 1 | References 7 | Affected Software 1
NVD
added 2018/07/05 6:29 p.m. | 18 views

CVE-2017-11175

In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...

6.1 CVSS | 6.2 AI score | 0.00888 EPSS
Exploits 1 | References 1
Prion
added 2018/07/05 6:29 p.m. | 16 views

Authentication flaw

In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...

4.3 CVSS | 6 AI score | 0.00888 EPSS
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2018/07/05 6:00 p.m. | 19 views

CVE-2017-11175

In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login...

6.2 AI score | 0.00888 EPSS
Exploits 1 | References 1
Talos
added 2018/06/19 12:00 a.m. | 45 views

Insteon Hub HTTPExecuteGet Parameters Extraction Code Execution Vulnerability

Summary: An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger...

9.9 CVSS | 9.4 AI score | 0.01293 EPSS
Exploits 2
Packet Storm
added 2018/05/28 12:00 a.m. | 25 views

Software Advice 1.0 Cross Site Scripting

Exploit Title: Reflected XSS at Software Advice Date: 27.05.2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.softwareadvice.com/ Software Link: Software Advice Website Version: 1.0 Tested on: Kali Linux Reflected XSS Payload : '-confirmIsmail Tasdelen-' HTTP REQUEST HEADER :...

0.2 AI score
Exploits 0
Packet Storm
added 2018/05/28 12:00 a.m. | 46 views

Engel Voelkers Cross Site Scripting

Exploit Title: Reflected XSS at Engel Voelkers Date: 27.05.2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.engelvoelkers.com/ Software Link: Engel Voelkers Website Version: 1.0 Tested on: Kali Linux Reflected XSS Payload : residential'-confirm/Ismail Tasdelen/-' HTTP REQUEST...

Exploits 0
NVD
added 2018/05/26 3:29 p.m. | 18 views

CVE-2018-11487

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

6.1 CVSS | 6 AI score | 0.00655 EPSS
Exploits 0 | References 1
Prion
added 2018/05/26 3:29 p.m. | 13 views

Design/Logic Flaw

PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php...

4.3 CVSS | 5.9 AI score | 0.00655 EPSS
Exploits 0 | References 1 | Affected Software 1
Packet Storm
added 2018/05/22 12:00 a.m. | 39 views

Boerse.de Cross Site Scripting

Exploit Title: Reflected XSS at Boerse DE Date: 22.05.2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.boerse.de Software Link: Website Version: 1.0.0 Tested on: Google Chrome / Mozilla FireFox Reflected XSS Payload : " " " PoC : General : Request URL:...

7.4 AI score
Exploits 0
Prion
added 2018/04/08 2:29 a.m. | 13 views

Design/Logic Flaw

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated by sid=user,password%20from%20mysql.user%23...

5 CVSS | 9.1 AI score | 0.01391 EPSS
Exploits 1 | References 1 | Affected Software 1
CVE
added 2018/04/08 2:00 a.m. | 51 views

CVE-2018-9852

In Gxlcms QY v1.0.0713, the vulnerable component is Lib\Lib\Action\Home\HitsAction.class.php. The issue allows remote attackers to read data from the database by injecting a FROM clause into the query string of a Home-Hits request (e.g., sid=user,password%20from%20mysql.user%23). This appears as ...

9.8 CVSS | 9.1 AI score | 0.01391 EPSS
Exploits 1 | References 1 | Affected Software 1
OSV
added 2018/03/12 9:29 p.m. | 1 view

UBUNTU-CVE-2018-7563

An issue was discovered in GLPI through 9.2.1. The application is affected by XSS in the query string to front/preference.php. An attacker is able to create a malicious URL that, if opened by an authenticated user with debug privilege, will execute JavaScript code supplied by the attacker. The...

6.1 CVSS | 6 AI score | 0.01111 EPSS
Exploits 0 | References 4