13 matches found
CVE-2026-2856 D-Link DWR-M960 Filter Configuration Endpoint formFilter sub_424AFC stack-based overflow
A vulnerability was found in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub424AFC of the file /boafrm/formFilter of the component Filter Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be...
CVE-2025-59146
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
CVE-2025-59146
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...
EUVD-2006-2510
Malware in sbrugna...
CVE-2025-3601 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service DoS condition by submitting URLs that generate excessively large responses...
CVE-2022-36200
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
Design/Logic Flaw
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
epilcera.com XSS vulnerability
Open Bug Bounty ID: OBB-588009 Description| Value ---|--- Affected Website:| epilcera.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Discuz! X2 回复仅作者可见控制不严
简要描述: Discuz! X2 发布回复仅作者可见的主题帖,普通会员可以绕过该机制获得被隐藏的部分内容 详细说明: 帖子为打开状态时,可以通过楼层获得fid、tid、repposet 这3个参数,手动URL提交,可获取引用回复,引用回复中含有被屏蔽(仅作者可见的)部分内容。 漏洞证明: 拼接的url...
CVE-2006-2510
Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...
Cross site scripting
Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...
CVE-2006-2510
Cross-site scripting XSS vulnerability in the URL submission form in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to inject arbitrary web script or HTML via an unspecified form for submitting URLs...