CVE-2025-56568

Assertion failure vulnerability in the PCO Protocol Configuration Options parser in the SMF Session Management Function component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol...

Cisco Identity Services Engine 路径遍历漏洞

Cisco Identity Services Engine Cisco ISE is an environment-aware platform ISE Identity Services Engine from Cisco USA. The platform collects real-time information from the network, users, and devices to develop and enforce policies to regulate the network. The Cisco Identity Services Engine has a...

s-s-consulting.com Cross Site Scripting vulnerability OBB-3916033

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

Battle.net Clan Script for PHP 1.5.1 - Remote SQL Injection Vulnerability

No description provided by source. script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass = $POST'pass';...

OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS...

S&S Computer Imaging SQL Injection

---------------------------------------------------------------- S&S Computer Imaging SQL Injection Vulnerability ---------------------------------------------------------------- Exploit Title : S&S Computer Imaging Injection Vulnerability Author : Hack Center Security Team Discovered By : Net.W0...

CVE-2007-3276

CVE-2007-3276 describes a Cross-site Scripting (XSS) vulnerability in Site@School (S@S) 2.4.10, specifically in index.php where the q parameter can be exploited to inject arbitrary script or HTML. The vulnerability is exploitable by remote attackers via the web and is associated with a CVSS v2 ba...

Battle.net Clan Script for PHP 1.5.1 - SQL Injection

Battle.net Clan Script for PHP 1.5.1 - SQL Injection script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass ...

CVE-2006-4920

CVE-2006-4920 : Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to (1) starnet/modules/sn_allbum/slideshow.php and (2) starnet/themes/editable/main.inc.php.

CVE-2006-4922

CVE-2006-4922 describes an unrestricted file upload in Site@School (S@S) 2.4.02 and earlier, specifically in starnet/editors/htmlarea/popups/images.php. The vulnerability enables remote attackers to upload and execute arbitrary files with executable extensions. The available documents identify th...

CVE-2006-4921

CVE-2006-4921: PHP remote file inclusion in Site@School (S@S)