Linux Distros Unpatched Vulnerability : CVE-2021-28941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file, when you send a request to the /scripts/magpiedebug.php or...

CVE-2010-3796

Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications...

CVE-2025-23895

Cross-Site Request Forgery CSRF vulnerability in Dan Cameron Add RSS add-rss allows Stored XSS.This issue affects Add RSS: from n/a through = 1.5...

CVE-2024-35981

CVE-2024-35981 affects Linux kernel virtio_net RSS handling. Root cause: RSS command setup in virtionet may be sent even when the device does not support RSS, causing a zero-length buffer to be passed to QEMU and triggering a kernel loop due to virtqueue/broken device handling. Impact: potential ...

Arbitrary Code Execution

tt-rss is vulnerable to arbitrary code execution. The vulnerability exists as plugins/afproxyhttp/init.php mishandles the $REQUEST"url" in an error message...

Flowdock API Bug Bounty #4 - Persistent RSS Vulnerability

Document Title: =============== Flowdock API Bug Bounty 4 - Persistent RSS Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1575 Vulnerability Magazine:...

Article Script <= 1.6.3 (rss.php) Remote SQL Injection Vulnerability

No description provided by source. Article Script v1.and v1.6.3 Sql injection Script Name :Article Script Home Page:www.articlescript.org Bug Founder :Liz0ziM Mail:[email protected] Baba Kimdir? Tabiki Liz0ziM ------------------------------------------------------------...

Sql injection

SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action...

Google Chrome RSS Or Atom Feed Cross-Site Scripting Vulnerability

This host is installed with Google Chrome and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromerssnatomxssvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome RSS Or Atom Feed Cross-Site Scripting Vulnerability Authors: Sharath S Copyright:...

Merak邮件服务器RSS源阅读器跨站脚本漏洞

BUGTRAQ ID: 34825 CVECAN ID: CVE-2009-1467 Merak Email Server是一个全面的办公室局域网或Internet通讯邮件解决方案。 Merak邮件服务器的WebMail用户可以向其文件夹列表中添加RSS源作为文件夹，这些源是由html/webmail/server/inc /rss/rss.php文件解析的，并在html/webmail/server/inc/rss/item.php文件中处理RSS channel中的每个item元素。...