6 matches found
PT-2026-51608
Name of the Vulnerable Software and Affected Versions FlatPress versions prior to commit 10be83c Description A stored cross-site scripting issue exists in comment and contact forms. The name, URL, and email fields are rendered without proper output encoding in Smarty templates. This allows...
GHSA-88GH-2526-GFRR DeepSeek TUI has SSRF IPV6 bypass
Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in URL as http://::1, the SSRF defenses do not work. Details...
validator.js has a URL validation bypass vulnerability in its isURL function
A URL validation bypass vulnerability exists in validator.js prior to version 13.15.20. The isURL function uses '://' as a delimiter to parse protocols, while browsers use ':' as the delimiter. This parsing difference allows attackers to bypass protocol and domain validation by crafting URLs...
CVE-2025-58748 Dataease H2 data source JDBC URL validation bypass leads to remote code execution
Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation H2.java does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon...
Samsung SM-N9005 and SM-G920F Samsung kernel for Android secfilter input validation vulnerability
Samsung kernel for Android on SM-N9005 Note 3 and SM-G920F Galaxy S6 are kernels for Android running in the SM-N9005 Note 3 and SM-G920F Galaxy S6 smartphones from Samsung, South Korea. secfilter is one of the URL resolution filtering plugins. secfilter is a URL parsing and filtering plug-in for...
PT-2005-5208 · Clearswift · Clearswift Mimesweeper For Web
Name of the Vulnerable Software and Affected Versions: Clearswift MIMEsweeper For Web a.k.a. WEBsweeper versions 4.0 through 5.1 Description: The issue allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file. Recommendations: For...