Lucene search
K

13 matches found

Vulnrichment
Vulnrichment
added 2026/02/20 8:32 p.m.3 views

CVE-2026-2856 D-Link DWR-M960 Filter Configuration Endpoint formFilter sub_424AFC stack-based overflow

A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be...

9CVSS8.8AI score0.00642EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/10 7:17 p.m.7 views

CVE-2025-59146

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

8.5CVSS6.7AI score0.00225EPSS
Exploits0References1
NVD
NVD
added 2025/10/09 7:15 p.m.10 views

CVE-2025-59146

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

8.5CVSS0.00225EPSS
Exploits0References2
OSV
OSV
added 2025/10/09 6:58 p.m.5 views

CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

8.5CVSS6.7AI score0.00225EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2510

Malware in sbrugna...

6.8CVSS6.4AI score0.01295EPSS
Exploits0References4
OSV
OSV
added 2025/08/27 7:33 p.m.1 views

CVE-2025-3601 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service DoS condition by submitting URLs that generate excessively large responses...

6.5CVSS6.3AI score0.00296EPSS
Exploits0References5
NVD
NVD
added 2022/08/29 3:15 p.m.26 views

CVE-2022-36200

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

7.5CVSS0.01895EPSS
Exploits1References2
Prion
Prion
added 2022/08/29 3:15 p.m.21 views

Design/Logic Flaw

In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...

5CVSS7.5AI score0.01895EPSS
Exploits1References2Affected Software1
Openbugbounty
Openbugbounty
added 2018/03/24 4:22 p.m.8 views

epilcera.com XSS vulnerability

Open Bug Bounty ID: OBB-588009 Description| Value ---|--- Affected Website:| epilcera.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
seebug.org
seebug.org
added 2013/01/24 12:0 a.m.25 views

Discuz! X2 回复仅作者可见控制不严

简要描述: Discuz! X2 发布回复仅作者可见的主题帖,普通会员可以绕过该机制获得被隐藏的部分内容 详细说明: 帖子为打开状态时,可以通过楼层获得fid、tid、repposet 这3个参数,手动URL提交,可获取引用回复,引用回复中含有被屏蔽(仅作者可见的)部分内容。 漏洞证明: 拼接的url...

7.1AI score
Exploits0
NVD
NVD
added 2006/05/22 7:2 p.m.15 views

CVE-2006-2510

Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...

6.8CVSS5.8AI score0.01295EPSS
Exploits0References3
Prion
Prion
added 2006/05/22 7:2 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...

6.8CVSS6.2AI score0.01295EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/05/22 7:0 p.m.24 views

CVE-2006-2510

Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...

5.8AI score0.01295EPSS
Exploits0References3
Rows per page
Query Builder