
5 matches found

Positive Technologies
added 2025/02/16 12:0 a.m. · 3 views

PT-2025-7018 · Unknown · Notfound Botnet Attack Blocker

Name of the Vulnerable Software and Affected Versions: NotFound Botnet Attack Blocker versions prior to 2.0.0

Description: The issue is related to improper neutralization of input during web page generation, which allows stored Cross-site Scripting (XSS). This means that an attacker can inject...

6.5 CVSS · 9 AI score · 0.00088 EPSS
Exploits: 0 · References: 6

Positive Technologies
added 2024/12/18 12:0 a.m. · 2 views

PT-2024-36728 · Fort +1 · Fort +1

Name of the Vulnerable Software and Affected Versions: Fort versions 1.6.4 and earlier, up to but not including 2.0.0

Description: A validation integrity issue was discovered in the product. RPKI Relying Parties, such as Fort, are supposed to maintain a backup cache of the remote RPKI data, which...

5.3 CVSS · 7.1 AI score · 0.00253 EPSS
Exploits: 0 · References: 15

Positive Technologies
added 2024/08/18 12:0 a.m. · 3 views

PT-2024-30509 · Elementor · Ultimate Store Kit Elementor Addons

Name of the Vulnerable Software and Affected Versions: Ultimate Store Kit Elementor Addons versions 1.6.4 and earlier

Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Stored XSS. This means that ...

6.5 CVSS · 6.3 AI score · 0.00143 EPSS
Exploits: 0 · References: 9

Positive Technologies
added 2023/01/16 12:0 a.m. · 1 views

PT-2023-16171 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.0

Description: The issue is related to Path Traversal, where the sequence '..filename' can be used to access files outside the intended directory. This affects the GitHub repository froxlor/froxlor...

6.8 CVSS · 5.8 AI score · 0.00265 EPSS
Exploits: 2 · References: 8

Github Security Blog
added 2017/12/28 10:52 p.m. · 37 views

Denial of Service in ecstatic

ecstatic, a simple static file server middleware, is vulnerable to denial of service. If an attacker provides a payload with a large number of null bytes (%00), it can crash ecstatic by running it out of memory. Results from the original advisory: A payload of 22kB caused a lag of 1 second, A...

7.8 CVSS · 2.8 AI score · 0.01523 EPSS
Exploits: 1 · References: 7 · Affected Software: 1