
23 matches found

ATTACKERKB
added 2026/03/06 12:18 p.m. · 2 views

CVE-2018-25165

Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...

7.1 CVSS · 6.1 AI score · 0.00039 EPSS
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2026/03/06 12:18 p.m. · 24 views

CVE-2018-25165 Galaxy Forces MMORPG 0.5.8 SQL Injection via ads.php

Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract...

7.1 CVSS · 0.00039 EPSS
Exploits 0 · References 2

OSV
added 2026/01/07 5:16 p.m. · 2 views

CVE-2025-67366

@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains a critical path traversal vulnerability in its "read_content" tool. This vulnerability arises from improper symlink handling in the path validation mechanism...

7.5 CVSS · 5.9 AI score
Exploits 0 · References 2

CNNVD
added 2026/01/07 12:0 a.m. · 2 views

Filesystem MCP Security Vulnerability

Filesystem MCP is a Sylphx open source MCP file system server. A security vulnerability exists in Filesystem MCP version 0.5.8, which stems from improper handling of symbolic links in the path validation mechanism, and could lead to bypassing directory restrictions and accessing unauthorized file...

7.5 CVSS · 6.6 AI score · 0.00079 EPSS
Exploits 1 · References 3

Positive Technologies
added 2026/01/07 12:0 a.m. · 4 views

PT-2026-1881

Name of the Vulnerable Software and Affected Versions @sylphxltd/filesystem-mcp version 0.5.8 Description @sylphxltd/filesystem-mcp version 0.5.8 contains a path traversal issue in the “read content” tool. The issue is due to improper symlink handling in the path validation mechanism. The...

7.5 CVSS · 6.5 AI score · 0.00079 EPSS
Exploits 1 · References 4

RedhatCVE
added 2025/05/23 9:2 a.m. · 2 views

CVE-2024-8865

A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used...

5.1 CVSS · 6 AI score · 0.00338 EPSS
Exploits 1 · References 1

RedhatCVE
added 2025/05/22 3:35 p.m. · 5 views

CVE-2020-36661

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

7.5 CVSS · 6.9 AI score · 0.00458 EPSS
Exploits 0

CNVD
added 2024/09/18 12:0 a.m. · 4 views

Composio Path Traversal Vulnerability

Composio is a production-ready toolset for AI agents open-sourced by Composio. A path traversal vulnerability exists in Composio version 0.5.8 and prior versions, which stems from the fact that incorrect manipulation of the parameter file can lead to path traversal. No details of the vulnerabilit...

5.1 CVSS · 6.7 AI score · 0.00338 EPSS
Exploits 1 · References 1

OSV
added 2024/09/16 2:37 p.m. · 1 views

GHSA-66R2-XM28-74W9 Composio Path Traversal vulnerability

A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used...

5.1 CVSS · 4.7 AI score · 0.00338 EPSS
Exploits 1 · References 7

CNNVD
added 2024/09/15 12:0 a.m. · 2 views

Composio Path Traversal Vulnerability

Composio is a production-ready toolset for AI agents open-sourced by Composio. A path traversal vulnerability exists in Composio version 0.5.8 and prior versions, which stems from the fact that incorrect manipulation of the parameter file can lead to path traversal. No details of the vulnerabilit...

5.1 CVSS · 6.7 AI score · 0.00338 EPSS
Exploits 1 · References 5

SUSE CVE
added 2023/05/31 11:27 p.m. · 1 views

SUSE CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5 CVSS · 7.4 AI score · 0.00401 EPSS
Exploits 1 · References 4

NVD
added 2023/03/24 12:15 a.m. · 6 views

CVE-2023-28441

smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...

8 CVSS · 7.9 AI score · 0.00197 EPSS
Exploits 0 · References 1

Prion
added 2023/03/24 12:15 a.m. · 8 views

Design/Logic Flaw

smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...

5 CVSS · 7.6 AI score · 0.00197 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2023/03/23 11:2 p.m. · 13 views

CVE-2023-28441 smartCARS 3 Password Stored as plain text in Error Log

smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...

8 CVSS · 8.1 AI score · 0.00197 EPSS
Exploits 0 · References 1

CNNVD
added 2023/03/23 12:0 a.m. · 2 views

smartCARS Log Information Disclosure Vulnerability

Invernyx smartCARS is an application from Invernyx Corporation. A log information disclosure vulnerability exists in smartCARS version 0.5.8 and earlier, which stems from the fact that all failed login attempts store their passwords in an error log...

8 CVSS · 7.3 AI score · 0.00197 EPSS
Exploits 0 · References 3

CNNVD
added 2023/02/12 12:0 a.m. · 4 views

lua-multipart Security Vulnerability

lua-multipart is a Lua library for parsing and editing multipart/form-data data. A security vulnerability exists in Kong lua-multipart version 0.5.8-1. An attacker has exploited the vulnerability to reduce regular expression complexity...

7.5 CVSS · 5.6 AI score · 0.00458 EPSS
Exploits 0 · References 7

vulnersOsv
added 2021/05/21 2:21 p.m. · 2 views

pycnet-audio (>=0.5.1 <=0.5.8) potentially affected by CVE-2021-29526 via tensorflow-cpu (=2.2.0)

tensorflow-cpu PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - pycnet-audio >=0.5.1, <=0.5.8 Source cves: CVE-2021-29526 Source advisory: OSV:GHSA-4VF2-4XCG-65CX...

5.5 CVSS · 6 AI score · 0.0001 EPSS
Exploits 1

OSV
added 2021/04/28 7:15 p.m. · 2 views

DEBIAN-CVE-2021-29482

xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop when provided malicious input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size o...

7.5 CVSS · 7.1 AI score · 0.00433 EPSS
Exploits 0 · References 1

CNVD
added 2020/04/13 12:0 a.m. · 1 views

cpp-httplib injection vulnerability

cpp-httplib is an HTTP/HTTPS server and client library written in C++. A security vulnerability exists in cpp-httplib version 0.5.8 and earlier, which stems from the program's failure to filter string-laden arguments passed to the 'set_redirect' and 'set_header' functions. The vulnerability can be...

7.5 CVSS · 6.9 AI score · 0.00401 EPSS
Exploits 1

Positive Technologies
added 2020/04/12 12:0 a.m. · 2 views

PT-2020-12796 · Cpp Httplib · Cpp-Httplib

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions 0.5.8 and earlier Description: The issue arises from the lack of filtering for r in parameters passed to the set redirect and set header functions, potentially leading to CRLF injection and HTTP response splitting in...

7.5 CVSS · 6.9 AI score · 0.00401 EPSS
Exploits 1 · References 13