CVE-2021-26830

SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the ID input field of ajax.php in the Pugin library - delete module...

CVE-2006-1976

Cross-site scripting XSS vulnerability in addRequest.php in Prayer Request Board PRB Beta 1 before 20060320 allows remote attackers to inject arbitrary web script or HTML via the Request field...

CVE-2022-0701

The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

8: Enrolling certificate without certreq field causes CA to crash

An input validation error was found in Red Hat Certificate System's handling of client provided certificates. If the certreq field is not present in a certificate an assertion error is triggered causing a denial of service...

Vulnerabilities in IniNet Solutions GmbH’s SCADA Web Server, allowing a perpetrator to execute arbitrary code

The multiple vulnerabilities of IniNet Solutions GmbH’s SCADA Web Server are caused by buffer overflows in the stack. Exploitation of these vulnerabilities could allow a malicious actor to execute arbitrary code using a long HTTP request field...

Cross site scripting

Cross-site scripting XSS vulnerability in addRequest.php in Prayer Request Board PRB Beta 1 before 20060320 allows remote attackers to inject arbitrary web script or HTML via the Request field...