15 matches found
CVE-2024-21950
creationtimestamp| type| source ---|---|--- 2026-05-15 06:51:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mluqloreim2p...
GHSA-5HGJ-7GM9-CFF5 AVideo: Unauthenticated Arbitrary Email Sending via sendEmail.json.php Enables Phishing from the Site’s Legitimate From Address
Summary objects/sendEmail.json.php exposes two branches depending on whether contactForm=1 is submitted. When the parameter is omitted, the endpoint sets $sendTo to an attacker-supplied email and, for unauthenticated callers, uses the site's own contact email as the message From:/Reply-To:. The...
CVE-2018-25252 FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
📄 SPIP Blind Server-Side Request Forgery
SPIP versions prior to 4.4.9 suffers from a blind server-side request forgery vulnerability within the private administration interface. ============================================================================================================================================= | Title : SPIP 4.4...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
CVE-2025-27424
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page This vulnerability affects Firefox for iOS 136...
CVE-2025-27424
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page This vulnerability affects Firefox for iOS 136...
Mozilla: Address bar spoofing via bidirectional characters
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited...
GHSA-9M48-54PJ-H248 Improper Neutralization of Input During Web Page Generation in Jenkins
A stored cross-site scripting vulnerability in Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages...
WordPress Cozmoslabs Profile Builder 跨站脚本漏洞
WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress Cozmoslabs Profile Builder plugin 3.6.1 and earlier versions have a cross-site scripting vulnerability...
Mozilla Firefox and Firefox ESR Address Bar Forgery Vulnerability (CNVD-2016-03989)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in Mozilla Firefox versions prior to 47 and Firefox ESR versions...
Softbiz Banner Exchange Network Script 1.0 - SQL Injection Vulnerability
Softbiz Banner Exchange Network Script ver 1 SQL INJECTION BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://www.softbizscripts.com/ Injection Adress : http://sitename/campaignstats.php?id=SQL C0de SQL C0de :...
WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities
WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Wordpress 3.3.1 Multiple CSRF Vulnerabilities Date : 19-03-20...
Certain characters can obscure the page address – Opera Security Advisories
Certain characters can obscure the page address – Opera Security Advisories OPCOM Team | June 9, 2008 Severity: Less Severe Problem Description When a page address contains certain characters, they can cause the page address text to be misplaced. In some cases, this could make characters be...
Security update 1970-01-01
...