15 matches found

ATTACKERKB, added 2026/02/11 12:00 a.m.

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

AI score 5.3, EPSS 0.0005
Exploits: 0, References: 2
OSV, added 2025/10/23 11:15 p.m.

CVE-2025-62254

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 7.5, AI score 6.5, EPSS 0.00231
Exploits: 0, References: 1
EUVD, added 2025/10/07 12:30 a.m.

EUVD-2006-2609

Malware in sbrugna...

CVSS 2.6, AI score 6.4, EPSS 0.00409
Exploits: 1, References: 5
CNNVD, added 2024/04/02 12:00 a.m.

Rapid7 InsightVM security vulnerability

Rapid7 InsightVM is a vulnerability scanning and management application from Rapid7 USA. A security vulnerability exists in Rapid7 InsightVM versions prior to 6.6.244. It stems from sensitive information exposure on the login page in maintenance mode, whereby when...

CVSS 3.3, AI score 6.6, EPSS 0.0008
Exploits: 0, References: 2
Veracode, added 2022/11/28 5:06 a.m.

Denial Of Service (DoS)

qs is vulnerable to denial of service. The vulnerability exists in the parseObject function of parse.js due to a lack of checks for attributes such as __proto__ in the query string of the URL, which allows an attacker to cause an application crash by providing a malicious payload...

CVSS 7.5, AI score 8.1, EPSS 0.01543
Exploits: 2, References: 16, Affected Software: 4
OSV, added 2022/10/19 8:26 p.m.

GHSA-5JP2-VWRJ-99RF: Team scope authorization bypass when a POST/PUT request carries :team_name in the body (HTTP parameter pollution)

Impact: For some POST/PUT Concourse endpoints whose URL contains :team_name, a Concourse user can send a request whose body includes :team_name=team2 to bypass the team scope check and gain access to certain resources belonging to any other team. The user only needs a valid user session and belongs to...

CVSS 5.4, AI score 5.7, EPSS 0.00216
Exploits: 1, References: 9
Hacker One, added 2021/12/26 6:59 a.m.

Brave Software: New XSS vector in ReaderMode with %READER-TITLE-NONCE%

A new XSS vulnerability was discovered in Brave iOS 1.31.1 and higher, which allowed attackers to execute malicious scripts on ReaderMode pages. The vulnerability was caused by a relaxation of the CSP rule, which allowed scripts with nonce-%READER-TITLE-NONCE% to be executed. Attackers could...

AI score 6.2
Exploits: 0
Packet Storm, added 2021/11/08 12:00 a.m.

Backdoor.Win32.VB.afu Insecure Transit

Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source: https://malvuln.com/advisory/c6ba7fcb9eb9bdd7e081e2e84e784dcbB.txt
Contact: [email protected]
Media: twitter.com/malvuln
Threat: Backdoor.Win32.VB.afu
Vulnerability: Insecure Transit Password Disclosure
Description: The malware...

AI score 7.1
Exploits: 0
OSV, added 2020/05/04 1:15 p.m.

CVE-2019-17557

It was found that the Apache Syncope EndUser UI login page prior to 2.0.15 and 2.1.6 reflects the successMessage parameter. By this means, a user accessing the EndUser UI could execute JavaScript code from the URL query string...

CVSS 5.4, AI score 7.1
Exploits: 0, References: 1
NVD, added 2020/05/04 1:15 p.m.

CVE-2019-17557

It was found that the Apache Syncope EndUser UI login page prior to 2.0.15 and 2.1.6 reflects the successMessage parameter. By this means, a user accessing the EndUser UI could execute JavaScript code from the URL query string...

CVSS 5.4, AI score 5.6, EPSS 0.01193
Exploits: 0, References: 1
Prion, added 2019/01/03 8:29 p.m.

Cross-site scripting

Cross-site scripting in eventscript.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter...

CVSS 4.3, AI score 6.4, EPSS 0.00272
Exploits: 1, References: 2
Hacker One, added 2017/10/12 8:42 p.m.

Avito: CSS injection in avito.ru via IE11

Hi Team Security @avito, I discovered CSS Injection on avito.ru in the search form via IE11.

Description: CSS injection vulnerabilities arise when an application imports a style sheet from a user-supplied URL, or embeds user input in CSS blocks without adequate escaping. They are closely related to...

AI score 0.5
Exploits: 0
Hacker One, added 2014/07/10 1:23 a.m.

Envoy: Too much sensitive information in GET https://signwithenvoy.com/device_config/preview_badge

The page was loaded from a URL containing a query string:...

AI score 6.8
Exploits: 0
NVD, added 2006/05/26 1:06 a.m.

CVE-2006-2610

Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the (1) URL query string and the (2) Sort parameter...

CVSS 2.6, AI score 5.7, EPSS 0.00409
Exploits: 1, References: 4
Cvelist, added 2006/05/26 1:00 a.m.

CVE-2006-2610

Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the (1) URL query string and the (2) Sort parameter...

AI score 5.7, EPSS 0.00409
Exploits: 1, References: 4