4 matches found
CVE-2026-27797 Homarr: Unauthenticated SSRF in rssFeed.ts
Homarr is an open-source dashboard. Prior to version 1.54.0, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows a remote attacker to force the Homarr server to perform arbitrary outbound HTTP requests. This can be used as an internal network access primitive, e.g., reaching...
SQL injection
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via (1) the filename parameter in an attachment action, (2) the post parameter in a showcomment action, (3) the sys-name parameter in an rssfeed action, or (4) the...
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via (1) the filename parameter in an attachment action, (2) the post parameter in a showcomment action, (3) the sys-name parameter in an rssfeed action, or (4) the...
Unfixed XSS vulnerability at www.bitty.com
Security researcher TreX submitted on 09/12/2007 a cross-site scripting (XSS) vulnerability affecting www.bitty.com, which at the time of submission ranked 319730 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2007. It is currently...