CVE-2026-36341

Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...

CVE-2026-36340

An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...

Heap overflow

axTLS v2.1.5 was discovered to contain a heap buffer overflow in the biimport function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service DoS when parsing a private key...

CVE-2023-33613

axTLS v2.1.5 was discovered to contain a heap buffer overflow in the biimport function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service DoS when parsing a private key...

CVE-2023-33613

CVE-2023-33613 affects axTLS v2.1.5 and is caused by a heap buffer overflow in the bi_import function (axtls-code/crypto/bigint.c). This vulnerability allows a Denial of Service when parsing a private key. The provided connected sources describe the flaw but do not provide concrete exploitation d...

CVE-2023-33613

axTLS v2.1.5 was discovered to contain a heap buffer overflow in the biimport function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service DoS when parsing a private key...

GHSA-W45J-F832-HXVH Pion/DLTS Accepts Client Certificates Without CertificateVerify

Impact A DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection itself is still secure. The Certificate provided by clients can't be trusted when using a...

dotProject 2.1.5 CSRF Vulnerability

No description provided by source. Source: http://packetstormsecurity.org/files/view/98245/dotProject2.1.5-xsrf.txt !------------------------------------------------------------------------ Software................dotProject 2.1.5 Vulnerability...........Cross-site Request Forgery...

dotProject GW v2.1.5 - Multiple SQL Injection Vulnerabilities

Document Title: =============== dotProject GW v2.1.5 - Multiple SQL Injection Vulnerabilities Release Date: ============= 2011-07-24 Vulnerability Laboratory ID VL-ID: ==================================== 83 Product & Service Introduction: =============================== dotProject is a PHP...

invision215.txt

Invision Power Board v2.1.5 Remote SQL Injection Filename :- funcmod.php Functionname :- postdelete Lines :- 89 To 209 Bug Found By :- Devil-00 Greetz :- Rock Master ^ Hackers Pal ^ n0m4rcy ^ www.securtygurus.net Code if isarray $id if count$id 0 $pid = " IN".implode",",$id.""; else return FALSE;...

Invision Power Board v2.1.5 Remote SQL Injection

Invision Power Board v2.1.5 Remote SQL Injection Filename :- funcmod.php Functionname :- postdelete Lines :- 89 To 209 Bug Found By :- Devil-00 Greetz :- Rock Master ^ Hackers Pal ^ n0m4rcy ^ www.securtygurus.net Code if isarray $id if count$id 0 $pid = " IN".implode",",$id.""; else return FALSE;...