67 matches found
CVE-2025-15154
A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function getuserip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiat...
CVE-2025-15154
A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function getuserip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiat...
CVE-2025-15154 PbootCMS Header handle.php get_user_ip less trusted source
A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function getuserip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiat...
CVE-2025-15154 PbootCMS Header handle.php get_user_ip less trusted source
A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the function getuserip of the file core/function/handle.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to use of less trusted source. The attack can be initiat...
PbootCMS 安全漏洞
PbootCMS is PbootCMS open source an open source enterprise website content management system CMS developed using PHP language. A security vulnerability exists in PbootCMS 3.2.12 and earlier versions, which stems from the incorrect operation of the Header Handler component function getuserip on th...
CVE-2025-13829
Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurvey allows any logged-in user to obtain the private information of any other user. Critical information retrieved: APIKEY 1 year user Session RefreshToken 10 minutes user Session Password hashed with bcrypt User IP Email Full Na...
PT-2025-48486
Incorrect Authorization vulnerability in Data Illusion Zumbrunn NGSurvey allows any logged-in user to obtain the private information of any other user. Critical information retrieved: APIKEY 1 year user Session RefreshToken 10 minutes user Session Password hashed with bcrypt User IP Email Full Na...
EUVD-2019-16531
Malware in sbrugna...
EUVD-2020-7133
Malware in sbrugna...
EUVD-2020-2552
Malware in sbrugna...
EUVD-2018-9527
Malware in sbrugna...
EUVD-2008-6564
Malware in sbrugna...
EUVD-2023-35142
Malicious code in bioql PyPI...
EUVD-2024-17252
Malicious code in bioql PyPI...
EUVD-2023-41885
Malicious code in bioql PyPI...
EUVD-2024-22147
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-38059
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The loading of external images is not blocked, even if configured, if the attacker uses protocol-relative URL in the payload. This can be used to retreive the I...
Linux Distros Unpatched Vulnerability : CVE-2020-10087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab before 12.8.2 allows Information Disclosure. Badge images were not being proxied, causing mixed content warnings as well as leaking the IP address of the...
CVE-2005-4880
Jax Guestbook 3.1 and 3.31 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain IP addresses of users via a direct request to 1 guestbook, 2 guestbookips2block, 3 ips2block, and 4 formmailer/logfile.csv...
Private Data Structure Returned From A Public Method
github.com/apache/answer, is vulnerable to Private Data Structure Returned From A Public Method. The vulnerability is due to the application allowing external content to be loaded without restriction, allowing an attacker to track or identify users by collecting their IP addresses through...