294 matches found
CVE-2024-4817
A vulnerability has been found in Campcodes Online Laundry Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file manageuser.php of the component HTTP Request Parameter Handler. The manipulation of the argument id leads to improper control of resourc...
CVE-2023-6838
Reflected XSS vulnerability can be exploited by tampering a request parameter in Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests...
CVE-2021-45843
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting XSS vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets, which arises from memory corruption due to a buffer significantly exceeding the command parameter limit when processing an IOCTL request...
PT-2025-18239 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an unvalidated request parameter. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
PT-2025-16304 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A vulnerability has been identified, but details are not provided. The issue is related to an unvalidated request parameter in an unspecified product. Recommendations: At the moment, there i...
CVE-2025-3013
Insecure Direct Object References IDOR in access control in Customer Portal before 2.1.4 on NightWolf Penetration Testing allows an attacker to access via manipulating request parameters or object references...
PersonManage 路径遍历漏洞
PersonManage is a personnel management system by jinguomin personal developer. A path traversal vulnerability exists in PersonManage version 1.0, which stems from a path traversal vulnerability due to incorrect manipulation of the parameter Request...
U.S. Dept Of Defense: Debug Info disclose
A debug information disclosure vulnerability was discovered. The vulnerability allowed the disclosure of debug output information through a specific request parameter. The vulnerability has been reported but no further details are provided...
tushuguanlixitong 安全漏洞
tushuguanlixitong book management system is a book management system by the individual developer of China Mingyuefusu 明月复苏. A security vulnerability exists in tushuguanlixitong, which stems from a misuse of the parameter Request that can lead to improper access control...
io.quarkus:quarkus-rest: Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available (RHBQ 3.15.3.SP1)
An update for Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available RHBQ 3.15.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.8.6.SP3 Security Update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having an important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information,...
Request Parameter Leakage
io.quarkus, quarkus-rest is vulnerable to Request parameter leakage. The vulnerability is due to request parameters leaking between concurrent requests due to endpoints using field injection without a CDI scope, allows an attacker to manipulate request data, impersonate users, or access sensitive...
CVE-2025-25387
A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter...
GHSA-PHG3-GV66-Q38X Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...
Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...
CVE-2025-1247
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...
CVE-2025-1247 Io.quarkus:quarkus-rest: quarkus rest endpoint request parameter leakage due to shared instance
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...
CVE-2025-1247 Io.quarkus:quarkus-rest: quarkus rest endpoint request parameter leakage due to shared instance
A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...