Lucene search
K

4 matches found

NVD
NVD
added 2026/06/10 3:16 p.m.17 views

CVE-2026-45559

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, getldapemail app/modules/roxywi/user.py:120-157 builds the LDAP search filter via f-string concatenation. The username URL path parameter is taken verbatim — no checkAjaxInput, no...

4.9CVSS0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.11 views

Roxy-WI 注入漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Versions of Roxy-WI 8.2.6.4 and earlier have a vulnerability that stems from the getldapemail function, which constructs LDAP search filters using f-string concatenation. The username URL path...

4.9CVSS5.4AI score0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/31 9:9 p.m.10 views

CVE-2025-15354

A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/addadmin.php. Executing manipulation of the argument Username can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published...

9.8CVSS6.9AI score0.00333EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 6:46 p.m.4 views

Malicious code in byted-flex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f7c46f02d189ba471aba10b985193a2e0476f4f7f9f6e068ddf3fe79c2088ea1 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
Rows per page
Query Builder