4 matches found

OSV
added 2025/02/12 4:20 p.m., 9 views

CVE-2025-25184 Possible Log Injection in Rack::CommonLogger

Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be exploited by crafting input that includes newline characters to manipulate log entries. The supplied proof-of-concept demonstrates injecting malicious conten...

CVSS 7.1, AI score 6.5, EPSS 0.01039
Exploits: 1, References: 5
Packet Storm
added 2019/11/12 12:0 a.m., 123 views

LavaLite CMS 5.7 Cross Site Scripting

Exploit Title: LavaLite CMS - 5.7 - Cross-Site Scripting Date: 09-10-2019 Exploit Author: Ismail Tasdelen Vendor Homepage: https://lavalite.org/ Software Link : https://github.com/LavaLite/cms Software : LavaLite CMS - v 5.7 Version : v 5.7 Vulnerability Type : Cross-site Scripting Vulnerability ...

AI score 6.4, EPSS 0.00328
Exploits: 2
Packet Storm
added 2019/03/04 12:0 a.m., 39 views

Bold CMS 3.6.4 Cross Site Scripting

Exploit Title: Bold CMS - 3.6.4 - Cross-Site Scripting Date: 2019-03-04 Exploit Author: Ismail Tasdelen Vendor Homepage: https://bolt.cm/ Software Link : https://github.com/bolt/bolt Software : Bold CMS - v 3.6.4 Version : v 3.6.4 Vulnerability Type : Cross-site Scripting Vulnerability : Stored X...

AI score 6.3, EPSS 0.00993
Exploits: 5
Tenable Nessus
added 2005/03/30 12:0 a.m., 31 views

ASP PortalApp Multiple SQL Injection

The remote host is running ASP PortalApp, a web application software written in ASP. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which could in turn be used to gain administrative access on the remote host. In addition, a path disclosure and...

CVSS 7.5, AI score 5.4, EPSS 0.01729
Exploits: 2, References: 2