Lucene search
K

113 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-1488

Malware in sbrugna...

5CVSS6.4AI score0.01321EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-26159

Malware in sbrugna...

7.2CVSS5.1AI score0.01053EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-7150

Malware in sbrugna...

5CVSS6.3AI score0.01158EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29105

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00317EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-29963

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.02293EPSS
Exploits4References3
NVD
NVD
added 2025/09/14 2:15 a.m.4 views

CVE-2025-10386

A vulnerability was found in Yida ECMS Consulting Enterprise Management System 1.0. This affects an unknown part of the file /login.do of the component POST Request Handler. The manipulation of the argument requestUrl results in cross site scripting. It is possible to launch the attack remotely...

5.3CVSS0.00317EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/14 1:32 a.m.13 views

CVE-2025-10386 Yida ECMS Consulting Enterprise Management System POST Request login.do cross site scripting

A vulnerability was found in Yida ECMS Consulting Enterprise Management System 1.0. This affects an unknown part of the file /login.do of the component POST Request Handler. The manipulation of the argument requestUrl results in cross site scripting. It is possible to launch the attack remotely...

5.3CVSS0.00317EPSS
Exploits0References4
NVD
NVD
added 2025/09/09 9:15 p.m.11 views

CVE-2025-58765

wabac.js provides a full web archive replay system, or 'wayback machine', using Service Workers. A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly...

7.1CVSS0.00237EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/09 8:16 p.m.4 views

CVE-2025-58765 wabac.js has XSS vulnerability in 404 error handling logic

wabac.js provides a full web archive replay system, or 'wayback machine', using Service Workers. A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly...

7.1CVSS5.3AI score0.00237EPSS
Exploits0References3
OSV
OSV
added 2025/09/09 8:16 p.m.4 views

CVE-2025-58765 wabac.js has XSS vulnerability in 404 error handling logic

wabac.js provides a full web archive replay system, or 'wayback machine', using Service Workers. A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly...

7.1CVSS5.7AI score0.00237EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.5 views

wabac.js 跨站脚本漏洞

wabac.js is an open source archive browsing client for Webrecorder. A cross-site scripting vulnerability exists in wabac.js version 2.23.10 and earlier, which stems from an uncleaned and unescaped requestURL parameter that could lead to a reflective cross-site scripting attack...

7.1CVSS5.8AI score0.00237EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.13 views

PT-2025-36954

Name of the Vulnerable Software and Affected Versions: wabac.js versions 2.23.10 and below Description: wabac.js provides a full web archive replay system using Service Workers. A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic. The requestURL parameter,...

7.1CVSS5.5AI score0.00237EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/05/22 3:54 p.m.8 views

CVE-2020-15769

An issue was discovered in Gradle Enterprise 2020.2 - 2020.2.4. An XSS issue exists via the request URL...

6.1CVSS6.1AI score0.00655EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/21 9:43 p.m.9 views

CVE-2008-7191

Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service crash via a long request URL...

5CVSS6.8AI score0.01158EPSS
Exploits0References1
Veracode
Veracode
added 2025/04/10 7:59 a.m.8 views

Host Header Injection

@react-router/express, @remix-run/express is vulnerable to Host header injection. The vulnerability exists due to improper validation of the Host and X-Forwarded-Host headers, allowing attackers to spoof the request URL by injecting a pathname into the port section of the header...

7.5CVSS7.4AI score0.01151EPSS
Exploits0References3Affected Software2
Snyk
Snyk
added 2024/12/20 6:31 p.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization through the manipulation of the notification ID in the request URL by a logged-in attacker. This issue due to insufficient authorization checks, enabling attackers to view sensitive mail details belonging to othe...

5.3CVSS6.7AI score0.00274EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/29 12:46 p.m.28 views

CVE-2024-7474 IDOR in lunary-ai/lunary

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference IDOR vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. The application does not perform adequate checks on the 'id' parameter, allowing unauthorized access...

9.1CVSS0.00477EPSS
Exploits1References2
CVE
CVE
added 2024/08/13 3:36 a.m.103 views

CVE-2024-33003

CVE-2024-33003 affects SAP Commerce Cloud via the OCC API Endpoint component. The root issue is that certain OCC API endpoints may include PII (passwords, emails, mobile numbers, coupon/voucher codes) in the request URL as query or path parameters, leading to potential disclosure and integrity im...

9.1CVSS7.4AI score0.00475EPSS
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2024/06/24 12:30 p.m.97 views

Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :- Its main objective is to provide unique representations fingerprints of malware requests, which help in their identification. Unique means here that each fingerprint should be seen...

7AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/22 12:0 a.m.53 views

Request URL Override

Web application components can sometimes rely on request HTTP headers like 'X-Original-URL' or 'X-Rewrite-URL' to override the original path of this request. Attackers can leverage this vulnerability to conduct further attacks in order to bypass restrictions or conduct cache poisonning attacks. N...

6.5CVSS7.2AI score0.58061EPSS
Exploits0References4
Rows per page
Query Builder