22 matches found

Positive Technologies
added 2026/04/21 12:0 a.m. · 1 views

PT-2026-34214

Name of the Vulnerable Software and Affected Versions: free5GC UDR versions prior to 1.4.3 Description: A fail-open request handling flaw exists in the UDR service. The POST handler for the endpoint '/nudr-dr/v2/policy-data/subs-to-notify' continues to process requests even after encountering error...

6.9 CVSS · 5.4 AI score · 0.0006 EPSS
Exploits 0 · References 8
ATTACKERKB
added 2026/04/16 9:59 p.m. · 0 views

CVE-2026-40249

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

6.9 CVSS · 6 AI score · 0.00033 EPSS
Exploits 1 · References 2 · Affected Software 1
Github Security Blog
added 2026/04/14 8:0 p.m. · 3 views

free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors

Summary: A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify/subsId PUT handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended modification of existing Policy Data notificatio...

6.9 CVSS · 6 AI score · 0.00033 EPSS
Exploits 1 · References 3 · Affected Software 1
CNVD
added 2025/07/30 12:0 a.m. · 2 views

WordPress Get Youtube Subs Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Get Youtube Subs, which stems from insufficient input cleanup and output escaping, and can be exploited by an...

6.4 CVSS · 6.2 AI score · 0.00163 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/07/24 9:22 a.m. · 2 views

CVE-2025-7966 Get Youtube Subs <= 3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via subscribe_link_att Function

The Get Youtube Subs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'channel', 'layout', and 'subscount' parameters in all versions up to, and including, 3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4 CVSS · 5.6 AI score · 0.00163 EPSS
Exploits 0 · References 3
CNNVD
added 2025/07/24 12:0 a.m. · 1 views

WordPress plugin Get Youtube Subs Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Get Youtube Subs, which stems from insufficient input cleanup and output escaping, and can be exploited by an...

6.4 CVSS · 6.2 AI score · 0.00163 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/07/24 12:0 a.m. · 1 views

PT-2025-30660 · WordPress · Get Youtube Subs

Name of the Vulnerable Software and Affected Versions: Get Youtube Subs plugin for WordPress versions up to and including 3.5 Description: The Get Youtube Subs plugin for WordPress is susceptible to Stored Cross-Site Scripting through the channel, layout, and subs count parameters. Insufficient...

6.4 CVSS · 5.8 AI score · 0.00163 EPSS
Exploits 0 · References 2
OSV
added 2024/08/21 6:10 a.m. · 6 views

CVE-2023-52904 ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate() The subs function argument may be NULL, so do not use it before the NULL check...

5.5 CVSS · 5.9 AI score · 0.00008 EPSS
Exploits 0 · References 6
OSSF Malicious Packages
added 2024/06/25 1:20 p.m. · 3 views

Malicious code in watch-john-wick-chapter-4-online-english-sub-123-movies (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits 0
OSV
added 2020/03/20 11:15 p.m. · 0 views

CVE-2019-11574

An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 2
Prion
added 2020/03/20 11:15 p.m. · 14 views

Server-side request forgery (SSRF)

An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls...

7.5 CVSS · 9.3 AI score · 0.00656 EPSS
Exploits 1 · References 2 · Affected Software 1
Cvelist
added 2020/03/20 10:8 p.m. · 17 views

CVE-2019-11574

An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls...

9.5 AI score · 0.00656 EPSS
Exploits 1 · References 2
0day.today
added 2018/01/12 12:0 a.m. · 18 views

Linux/ARM - execve (/bin/sh,NULL,0) Shellcode (31 bytes)

/ Title: Linux/ARM - execve"/bin/sh",NULL,0 - 31 bytes Date: 2010-08-31 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM without 0x20, 0x0a and 0x00 00008054 : 8054: e28f3001 add r3, pc, 1 ; 0x1 8058: e12fff13 bx r3 805c: 4678 mov r0, p...

7.4 AI score
Exploits 0
OSV
added 2017/12/27 5:8 p.m. · 1 views

CVE-2017-17893

Readymade Video Sharing Script has XSS via the searchvideo.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter...

6.1 CVSS · 5.8 AI score · 0.0024 EPSS
Exploits 1 · References 1
seebug.org
added 2014/07/01 12:0 a.m. · 30 views

Simple Machines forum (SMF) 2.0 session hijacking

No description provided by source. Simple Machines forum SMF 2.0 session hijacking Found by The X-C3LL and seth http://0verl0ad.blogspot.com/ || http://xd-blog.com.ar/ 2011-08-06 Website: http://www.simplemachines.org/ Greets: yoyahack, eddyw, www.portalhacker.net SMF stops csrf attacks sending a...

7.1 AI score
Exploits 0
Packet Storm
added 2011/08/08 12:0 a.m. · 33 views

Simple Machines Forum 2.0 Session Hijacking

Simple Machines forum SMF 2.0 session hijacking Found by The X-C3LL and seth http://0verl0ad.blogspot.com/ || http://xd-blog.com.ar/ 2011-08-06 Website: http://www.simplemachines.org/ Greets: yoyahack, eddyw, www.portalhacker.net SMF stops csrf attacks sending a session token in all the requests...

0.4 AI score
Exploits 0
exploitpack
added 2011/08/07 12:0 a.m. · 26 views

Simple Machines Forum (SMF) 2.0 - Session Hijacking

Simple Machines Forum SMF 2.0 - Session Hijacking Simple Machines forum SMF 2.0 session hijacking Found by The X-C3LL and seth http://0verl0ad.blogspot.com/ || http://xd-blog.com.ar/ 2011-08-06 Website: http://www.simplemachines.org/ Greets: yoyahack, eddyw, www.portalhacker.net SMF stops csrf...

0.4 AI score
Exploits 0
0day.today
added 2011/08/07 12:0 a.m. · 35 views

Simple Machines forum (SMF) 2.0 session hijacking

Exploit for php platform in category web applications Simple Machines forum SMF 2.0 session hijacking Found by The X-C3LL and seth http://0verl0ad.blogspot.com/ || http://xd-blog.com.ar/ 2011-08-06 Website: http://www.simplemachines.org/ Greets: yoyahack, eddyw, www.portalhacker.net SMF stops csr...

7.1 AI score
Exploits 0
securityvulns
added 2008/03/30 12:0 a.m. · 55 views

Simple Machines Forum 1.4

Sibertrwolf c 2008 C AY VE YILDIZ GECE YAKIIR C SonSuza Dek TRK FLSTN KARDEL Alembuysa Kral M.H.P : Smf 1.1.4 Remote File Inclusion Vulnerabilities Download: http://www.simplemachines.org Dork : Powerd by SMF 1.1.4 Exploit:...

0.7 AI score
Exploits 0
NVD
added 2007/06/20 9:30 p.m. · 16 views

CVE-2007-3295

Directory traversal vulnerability in Yet another Bulletin Board (YaBB) 2.1 and earlier allows remote authenticated users to execute arbitrary Perl code via a .. (dot dot) in the userlanguage profile setting, which sets the userlanguage key of the member hash, and is propagated to the language variabl...

6.5 CVSS · 7.3 AI score · 0.01508 EPSS
Exploits 0 · References 6