41 matches found
CVE-2026-44170 MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP...
CVE-2026-44170
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP...
CVE-2026-45669
Nuxt.js (framework for Vue) versions 3.4.3–3.21.5/3.21.5? and 4.0.0-alpha.1–4.4.5 are affected by a reflected XSS in navigateTo(url, { external: true }) during server-side redirects, where the destination URL is sanitized only for quotes and can break out of content=
SUSE-SU-2026:2330-1 Security update for mariadb
This update for mariadb fixes the following issues: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. - CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. - CVE-2026-35549: SHA2 auth plugin crash on large packets bsc1261413. - CVE-2026-44168: wsrep SST unsafe...
CVE-2026-45348
CVE-2026-45348 affects pyLoad before version 0.5.0b3.dev100, where an unsanitized link URL interpolated in a template literal within packages.js allows stored XSS in the Downloads view. Attack surface: authenticated operators can submit a package link that injects HTML/JS, which gets rendered via...
CVE-2026-45348 pyLoad: Stored XSS in Downloads view via unsanitized link URL in packages.js template literal
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the packages.js template at src/pyload/webui/app/themes/modern/templates/js/packages.js:172 interpolates a stored link URL into a template literal inside single-quoted HTML and then writes the result to...
WWBN AVideo has an incomplete fix for CVE-2026-33502: Command Injection
Summary The incomplete fix for AVideo's test.php adds escapeshellarg for wget but leaves the filegetcontents and curl code paths unsanitized, and the URL validation regex /^http/ accepts strings like httpevil.com. Affected Package - Ecosystem: Other - Package: AVideo - Affected versions: = commit...
CVE-2026-27508
Smoothwall Express versions prior to 3.1 Update 13 contain a reflected cross-site scripting vulnerability in the /redirect.cgi endpoint due to improper sanitation of the url parameter. Attackers can craft malicious URLs with javascript: schemes that execute arbitrary JavaScript in victims' browse...
CVE-2026-31876 Notesnook has Stored XSS via unsanitized Twitter/X embed URL in editor (`tweetToEmbed`)
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to 3.3.9, a Stored Cross-Site Scripting XSS vulnerability existed in Notesnook's editor embed component when rendering Twitter/X embed URLs. The tweetToEmbed function in component.tsx interpolated the user-supplied URL...
CVE-2026-1441
Reflected Cross-Site Scripting XSS vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...
CVE-2026-1438
Reflected Cross-Site Scripting XSS vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...
CVE-2026-1439 Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Reflected Cross-Site Scripting XSS vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...
CVE-2026-1438 Reflected Cross-Site Scripting (XSS) vulnerability in Graylog Web Interface
Reflected Cross-Site Scripting XSS vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, allowing an attacker ...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
CVE-2019-16989
In FusionPBX up to v4.5.7, the file app\conferencesactive\conferenceinteractive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS...
GHSA-27M7-FFHQ-JQRM MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL
Summary The MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host...
CVE-2025-40545
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...
CVE-2025-40545 SolarWinds Observability Self-Hosted Open Redirection Vulnerability
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...
Cross Site Scripting (XSS)
@meshconnect/web-link-sdk is vulnerable to cross-site scripting XSS. The vulnerability is due to the lack of sanitization of URL protocols in the createLink.openLink function, which allows an attacker to execute arbitrary JavaScript code in the parent page context and access its DOM, storage,...
EUVD-2019-7452
Malware in sbrugna...