5 matches found
EUVD-2025-3090
Malicious code in bioql PyPI...
CVE-2022-32265
qDecoder before 12.1.0 does not ensure that the percent character is followed by two hex digits for URL decoding...
PT-2022-23130 · Unknown · Reactphp Http
Name of the Vulnerable Software and Affected Versions: ReactPHP HTTP versions 0.7.0 through 1.7.0 Description: The issue arises when ReactPHP's HTTP server component processes incoming HTTP cookie values, url-decoding the cookie names. This can lead to confusion between cookies with prefixes like...
CVE-2004-1315
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...
CVE-2001-1118
A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL...