425 matches found
CVE-2025-61136
A Host Header Injection vulnerability in the password reset component in axewater sharewarez v2.4.3 allows remote attackers to conduct password reset poisoning and account takeover via manipulation of the Host header when Flask's urlforexternal=True generates reset links without a fixed SERVERNAM...
CVE-2025-61136
A Host Header Injection vulnerability in the password reset component in axewater sharewarez v2.4.3 allows remote attackers to conduct password reset poisoning and account takeover via manipulation of the Host header when Flask's urlforexternal=True generates reset links without a fixed SERVERNAM...
CVE-2025-61132
A Host Header Injection vulnerability in the password reset component in levlaz braindump v0.4.14 allows remote attackers to conduct password reset poisoning and account takeover via manipulation of the Host header when Flask's urlforexternal=True generates reset links without a fixed SERVERNAME...
CVE-2025-61136
The CVE-2025-61136 entry describes a Host Header Injection vulnerability in the password reset component of axewater sharewarez v2.4.3. The underlying issue is an unfixed SERVER_NAME causing Flask url_for(_external=True) to generate reset links that can be manipulated via the Host header, enablin...
SharewareZ 安全漏洞
SharewareZ is a game folder conversion tool by Axe Personal Developers. A security vulnerability exists in SharewareZ version 2.4.3, which stems from an unfixed SERVERNAME in the password reset component, which could lead to password reset poisoning and account takeover...
CVE-2025-61132
A Host Header Injection vulnerability in the password reset component in levlaz braindump v0.4.14 allows remote attackers to conduct password reset poisoning and account takeover via manipulation of the Host header when Flask's urlforexternal=True generates reset links without a fixed SERVERNAME...
CVE-2025-61132
CVE-2025-61132 describes a Host Header Injection in the password reset component of levlaz braindump v0.4.14. The vulnerability arises when Flask’s url_for(_external=True) generates reset links without a fixed SERVER_NAME, allowing an attacker to manipulate the Host header to perform password res...
EUVD-2014-0120
Malware in sbrugna...
EUVD-2020-7188
Malware in sbrugna...
EUVD-2020-7192
Malware in sbrugna...
EUVD-2021-14368
Malware in sbrugna...
EUVD-2010-3262
Malware in sbrugna...
EUVD-2011-1514
Malware in sbrugna...
EUVD-2021-21399
Malware in sbrugna...
EUVD-1999-1340
Malware in sbrugna...
EUVD-2007-1551
Malware in sbrugna...
EUVD-2012-1219
Malware in sbrugna...
EUVD-2004-0345
Malware in sbrugna...
EUVD-2023-56423
Malicious code in bioql PyPI...
EUVD-2024-37267
Malicious code in bioql PyPI...