69 matches found
CVE-2025-6428
When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 140...
UBUNTU-CVE-2025-6428
When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. This bug only affects Firefox for Android. Other versions of Firefox are unaffected.. This vulnerability was fixed in Firefox 140...
PT-2025-26725
Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 140 Description: The issue allows an attacker to potentially lead to phishing attacks by following a provided URL in a link querystring parameter instead of the correct URL. This affects Firefox for...
CVE-2025-32371
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A url could be crafted to the DNN ImageHandler to render text from a querystring parameter. This text would display in the resulting image and a user that trusts the domain might think that t...
dot-querystring 安全漏洞
dot-querystring is a dot notation library for node query strings by the individual developer Naoya Tsutsumi. A security vulnerability exists in dot-querystring version v0.2.0, which stems from the lib.parse function containing a prototype contamination vulnerability...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate sanitisation of the rewriteHashlinks option in SSViewer, allowing an attacker to inject HTML through the querystring...
GHSA-34Q6-XQXH-GQ39 Silverstripe XSS In rewritten hash links
A high level XSS vulnerability has been discovered in the SilverStripe framework which causes links containing hash anchors E.g. href="anchor" to be rewritten in an unsafe way. The rewriteHashlinks option on SSViewer will rewrite these to contain the current url, although without adequate escapin...
SUSE CVE-2011-2919
Cross-site scripting XSS vulnerability in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...
GHSA-HRPP-H998-J3PP qs vulnerable to Prototype Pollution
qs before 6.10.3 allows attackers to cause a Node process hang because an proto key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as...
@bouzuya/mr-jums (>=0.2.0 <=0.9.1), @deansel/latte (=0.1.2-beta.1) +77 more potentially affected by CVE-2022-24999 via qs (>=6.3.0 <=6.3.1)
qs NPM version =6.3.0, =0.2.0, =1.0.0-alpha.7, =0.0.1-alpha.1, =0.0.1-dev.0, =4.0.0-beta.6, =3.0.0, =0.20.5, =0.20.5, =0.20.8, =0.1.5, =0.6.5, =0.13.0, =0.15.0 - app-decorators =0.8.206 and more Source cves: CVE-2022-24999 Source advisory: OSV:GHSA-HRPP-H998-J3PP...
Reflected XSS in querystring parameters
An attacker could inject a XSS payload in a Silverstripe CMS response by carefully crafting a return URL on a /dev/build or /Security/login request. To exploit this vulnerability, an attacker would need to convince a user to follow a link with a malicious payload. This will only affect projects...
GHSA-VVXF-R4VM-2VM6 Reflected XSS in querystring parameters
An attacker could inject a XSS payload in a Silverstripe CMS response by carefully crafting a return URL on a /dev/build or /Security/login request. To exploit this vulnerability, an attacker would need to convince a user to follow a link with a malicious payload. This will only affect projects...
GHSA-RW75-M7GP-92M3 Django data leakage via querystring manipulation in admin
The administrative interface contrib.admin in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a tofield...
Django data leakage via querystring manipulation in admin
The administrative interface contrib.admin in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a tofield...
CVE-2022-38462 - Reflected XSS in querystring parameters
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38462...
CVE-2020-13127
A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.04.1 allows remote authenticated attackers to execute arbitrary SQL commands via the TASKSLISTpt.querystring parameter...
@bouzuya/mr-jums (>=0.2.0 <=0.9.1), @deansel/latte (=0.1.2-beta.1) +77 more potentially affected by CVE-2017-1000048 via qs (>=6.3.0 <=6.3.1)
qs NPM version =6.3.0, =0.2.0, =1.0.0-alpha.7, =0.0.1-alpha.1, =0.0.1-dev.0, =4.0.0-beta.6, =3.0.0, =0.20.5, =0.20.5, =0.20.8, =0.1.5, =0.6.5, =0.13.0, =0.15.0 - app-decorators =0.8.206 and more Source cves: CVE-2017-1000048 Source advisory: OSV:GHSA-GQGV-6JQ5-JJJ9...
easy-redirect-manager 2.18.18 - Cross-Site Scripting (XSS)
Any page that causes a 404 or 302 response, will be output within the Redirect Log page without any validation or output encoding, including the URL querystring, which could contain an XSS payload...
CVE-2018-18761
SaltOS 3.1 r8126 allows action=login&querystring=&user=SQL SQL Injection...
cgit < 1.2.1 - cgit_clone_objects() Directory Traversal Vulnerability
Exploit for cgi platform in category web applications There is a directory traversal vulnerability in cgitcloneobjects, reachable when the configuration flag enable-http-clone is set to 1 default: void cgitcloneobjectsvoid if !ctx.qry.path cgitprinterrorpage400, "Bad request", "Bad request";...