CVE-2026-40561

Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...

Fedora: Security Advisory (FEDORA-2026-63f333201f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-67858 A crafted "interface" input parameter can lead to integrity loss of the firewall configuration

A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft. This issue affects Foomuuri: from ? before 0.31...

UBUNTU-CVE-2025-67603

A Improper Authorization vulnerability in Foomuuri llows arbitrary users to influence the firewall configuration.This issue affects Foomuuri: from ? before 0.31...

CVE-2025-67603

CVE-2025-67603 affects Foomuuri prior to 0.31. An improper Authorization flaw allows arbitrary users to influence firewall configuration via D-Bus methods due to missing PolicyKit authorization and insufficient input validation. Upstream fixes are in v0.31, addressing CVE-2025-67603 and CVE-2025-...

PT-2026-1886

Name of the Vulnerable Software and Affected Versions Foomuuri versions prior to 0.27-2+deb13u1 Foomuuri versions prior to 0.31 Description An Improper Neutralization of Argument Delimiters issue exists in Foomuuri, potentially leading to integrity loss of the firewall configuration or other...

CVE-2021-43353

The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisppluginsettingspage function found in the /crisp.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 0.31...

CVE-2021-43353

The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisppluginsettingspage function found in the /crisp.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 0.31...

Crisp Live Chat < 0.32 - CSRF to Stored Cross-Site Scripting

The plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the crisppluginsettingspage function found in the /crisp.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 0.31...

bbclone-rfi.txt

------------------------------------------------------------------------------------------------------------------------ Script:bbclone Affected Version:0.31 Downlaoad:http://sindominio.net/ayuda/bbclone-0.31-esp.zip...

BBClone 0.31 - selectlang.php Remote File Inclusion

BBClone 0.31 - selectlang.php Remote File Inclusion ------------------------------------------------------------------------------------------------------------------------ Script:bbclone Affected Version:0.31 Downlaoad:http://sindominio.net/ayuda/bbclone-0.31-esp.zip...

XSS in yacy 0.31

Donato Ferrante Application: yacy http://www.yacy.net Version: 0.31 Bug: cross site scripting Date: 24-Dec-2004 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description 2. The bug 3...