190 matches found
WordPress plugin WP Affiliate Platform 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Directory Traversal
Overview serve-lite is an a lightweight http-server for static file-based web development Affected versions of this package are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join. PoC 1 Install the...
httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path
An out-of-bounds read in modproxyuwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability...
CVE-2022-2189
The WP Video Lightbox WordPress plugin before 1.9.5 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...
CVE-2022-31150
A flaw was found in the undici package. When requesting an input on an unsanitized request path, method, or headers it is possible to inject Carriage Return/Line Feed CRLF sequences into these requests...
CVE-2022-1756
The Newsletter WordPress plugin before 7.4.5 does not sanitize and escape the $SERVER'REQUESTURI' before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as...
VulnCheck KEV: CVE-2021-22053
Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor;user-provided data, the path elements...
CVE-2022-0901
The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUESTURI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters...
Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6085)
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen- Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...
Rockwell Automation Flex IO Classic Buffer Overflow (CVE-2020-6088)
An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen- Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...
Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6083)
An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6087)
An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
The vulnerability of the uri-block plugin for the Apache APISIX cloud API allows a hacker to bypass security restrictions.
The vulnerability of the uri-block plugin for the Apache APISIX cloud API is related to errors that occur when using the $requesturi variable. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions remotely...
VulnCheck KEV: CVE-2021-40438
A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
PT-2021-5420 · Apache · Apache Apisix
Name of the Vulnerable Software and Affected Versions: Apache APISIX versions prior to 2.10.2 Description: The issue is related to the uri-block plugin in Apache APISIX, which uses the $request uri variable without proper verification. This variable contains the full original request URI without...
CVE-2021-22006
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints...
CVE-2021-39322
The Easy Social Icons plugin = 3.0.8 for WordPress echoes out the raw value of $SERVER'PHPSELF' in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting malicious code in the request path...
Haproxy HAProxy 安全漏洞
Haproxy HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy Haproxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of levels of connections with high efficiency and stability. A security vulnerability exists in HAProxy that...
Drogon 路径遍历漏洞
Drogon is an open source HTTP application framework based on C++14/17. Drogon can be used to easily build various types of web application server programs using C++. A security vulnerability exists in Drogon versions 1.0.0-beta14 through 1.6.0, which stems from a lack of proper input validation o...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress Hardening versions prior to 1.2.2 that stems from the...