Lucene search
K

53 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.24 views

CVE-2024-39899

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. In v1.5, PrivateBin introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication toke...

5.3CVSS6.9AI score0.00627EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/24 8:23 a.m.14 views

EUVD-2025-35820

The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to unauthorized access to functionality provided by the API due to a missing capability check on the verifyRequest function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, wi...

6.3CVSS4.6AI score0.00244EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-2387

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00627EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:26 a.m.12 views

CVE-2024-0524

A vulnerability was found in CXBSoft Url-shorting up to 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument url leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS7.2AI score0.00607EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:25 a.m.11 views

CVE-2024-0527

A vulnerability, which was classified as critical, has been found in CXBSoft Url-shorting up to 1.3.1. This issue affects some unknown processing of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The...

9.8CVSS9.8AI score0.00698EPSS
Exploits0References1
Veracode
Veracode
added 2024/07/11 6:16 a.m.16 views

Authorization Bypass

PrivateBin is vulnerable to Authorization Bypass. The vulnerability is exists due to insufficient authorization controls in the implementation of the YOURLS server-side proxy mechanism, The vulnerability allows any user to shorten URLs pointing to the configured PrivateBin instance, bypassing the...

5.3CVSS6.6AI score0.00627EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2024/07/10 2:25 p.m.24 views

PrivateBin allows shortening of URLs for other domains

In v1.5 we introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication token to the public, allowing anyone to shorten any URL. With the proxy mechanism, anyone can...

5.3CVSS5.7AI score0.00627EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/07/10 2:25 p.m.26 views

GHSA-MQQJ-FX8H-437J PrivateBin allows shortening of URLs for other domains

In v1.5 we introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication token to the public, allowing anyone to shorten any URL. With the proxy mechanism, anyone can...

6.9CVSS5.7AI score0.00627EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/07/09 6:57 p.m.16 views

CVE-2024-39899 PrivateBin allows shortening of URLs for other domains

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. In v1.5, PrivateBin introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication toke...

5.3CVSS7AI score0.00627EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 6:57 p.m.56 views

CVE-2024-39899 PrivateBin allows shortening of URLs for other domains

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. In v1.5, PrivateBin introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication toke...

5.3CVSS0.00627EPSS
Exploits0References3
CVE
CVE
added 2024/01/15 12:31 a.m.52 views

CVE-2024-0527

CXBSoft Url-shorting

9.8CVSS9.6AI score0.00698EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/01/15 12:15 a.m.12 views

CVE-2024-0525

A vulnerability classified as critical has been found in CXBSoft Url-shorting up to 1.3.1. This affects an unknown part of the file /pages/longsshort.php of the component HTTP POST Request Handler. The manipulation of the argument longurl leads to sql injection. The exploit has been disclosed to...

9.8CVSS6.9AI score0.00607EPSS
Exploits0References3
NVD
NVD
added 2024/01/15 12:15 a.m.22 views

CVE-2024-0524

A vulnerability was found in CXBSoft Url-shorting up to 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument url leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS6.8AI score0.00607EPSS
Exploits0References3
OSV
OSV
added 2024/01/15 12:15 a.m.3 views

CVE-2024-0524

A vulnerability was found in CXBSoft Url-shorting up to 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument url leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS5.6AI score0.00607EPSS
Exploits0References3
OSV
OSV
added 2024/01/15 12:15 a.m.5 views

CVE-2024-0525

A vulnerability classified as critical has been found in CXBSoft Url-shorting up to 1.3.1. This affects an unknown part of the file /pages/longsshort.php of the component HTTP POST Request Handler. The manipulation of the argument longurl leads to sql injection. The exploit has been disclosed to...

9.8CVSS5.7AI score0.00607EPSS
Exploits0References3
OSV
OSV
added 2024/01/15 12:15 a.m.5 views

CVE-2024-0526

A vulnerability classified as critical was found in CXBSoft Url-shorting up to 1.3.1. This vulnerability affects unknown code of the file /pages/shorttolong.php of the component HTTP POST Request Handler. The manipulation of the argument shorturl leads to sql injection. The exploit has been...

9.8CVSS5.7AI score0.00607EPSS
Exploits0References3
Prion
Prion
added 2024/01/15 12:15 a.m.14 views

Sql injection

A vulnerability classified as critical has been found in CXBSoft Url-shorting up to 1.3.1. This affects an unknown part of the file /pages/longsshort.php of the component HTTP POST Request Handler. The manipulation of the argument longurl leads to sql injection. The exploit has been disclosed to...

5.2CVSS7.6AI score0.00607EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2024/01/15 12:15 a.m.19 views

Sql injection

A vulnerability classified as critical was found in CXBSoft Url-shorting up to 1.3.1. This vulnerability affects unknown code of the file /pages/shorttolong.php of the component HTTP POST Request Handler. The manipulation of the argument shorturl leads to sql injection. The exploit has been...

5.2CVSS7.8AI score0.00607EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/15 12:0 a.m.6 views

CVE-2024-0526 CXBSoft Url-shorting HTTP POST Request short_to_long.php sql injection

A vulnerability classified as critical was found in CXBSoft Url-shorting up to 1.3.1. This vulnerability affects unknown code of the file /pages/shorttolong.php of the component HTTP POST Request Handler. The manipulation of the argument shorturl leads to sql injection. The exploit has been...

5.5CVSS7.7AI score0.00607EPSS
Exploits0References3
CVE
CVE
added 2024/01/15 12:0 a.m.69 views

CVE-2024-0526

CXBSoft Url-shorting

9.8CVSS9.7AI score0.00607EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder