3 matches found
GHSA-2X8X-JMRP-PHXW Sinatra vulnerable to Reflected File Download attack
Description: An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. References...
Cross-site request forgery (CSRF)
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SaaS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220652...
Multi-Threaded HTTP Server 1.1 - Source Disclosure
Exploit Title: MultiThreaded HTTP Server v1.1 Source Disclosure Found By: DrIDE Date: Apr. 20, 2010 Download: http://voxel.dl.sourceforge.net/project/http/version1.1/%5BUnnamed%20release%5D/HTTPProjectfat.jar Tested on: Windows 7 - Description - MultiThreaded HTTP Server v1.1 is a Java based HTTP...