Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.13 views

PT-2026-51608

Name of the Vulnerable Software and Affected Versions FlatPress versions prior to commit 10be83c Description A stored cross-site scripting issue exists in comment and contact forms. The name, URL, and email fields are rendered without proper output encoding in Smarty templates. This allows...

8.4CVSS5.9AI score0.00243EPSS
Exploits0References7
OSV
OSV
added 2026/05/14 8:29 p.m.7 views

GHSA-88GH-2526-GFRR DeepSeek TUI has SSRF‌ IPV6 bypass

Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in‌‌ URL‌ as http://::1, the SSRF defenses do not work. Details...

7.4CVSS5.8AI score0.00239EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/09/30 6:30 p.m.5 views

validator.js has a URL validation bypass vulnerability in its isURL function

A URL validation bypass vulnerability exists in validator.js prior to version 13.15.20. The isURL function uses '://' as a delimiter to parse protocols, while browsers use ':' as the delimiter. This parsing difference allows attackers to bypass protocol and domain validation by crafting URLs...

6.1CVSS6.1AI score0.00302EPSS
Exploits1References10Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/15 4:12 p.m.8 views

CVE-2025-58748 Dataease H2 data source JDBC URL validation bypass leads to remote code execution

Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation H2.java does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon...

8.7CVSS7.4AI score0.00758EPSS
Exploits1References2
CNVD
CNVD
added 2017/06/08 12:0 a.m.5 views

Samsung SM-N9005 and SM-G920F Samsung kernel for Android secfilter input validation vulnerability

Samsung kernel for Android on SM-N9005 Note 3 and SM-G920F Galaxy S6 are kernels for Android running in the SM-N9005 Note 3 and SM-G920F Galaxy S6 smartphones from Samsung, South Korea. secfilter is one of the URL resolution filtering plugins. secfilter is a URL parsing and filtering plug-in for...

9.6CVSS6.8AI score0.39413EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2005/12/28 12:0 a.m.5 views

PT-2005-5208 · Clearswift · Clearswift Mimesweeper For Web

Name of the Vulnerable Software and Affected Versions: Clearswift MIMEsweeper For Web a.k.a. WEBsweeper versions 4.0 through 5.1 Description: The issue allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file. Recommendations: For...

5CVSS6.7AI score0.01718EPSS
Exploits1References5
Rows per page
Query Builder