11 matches found
PT-2026-38382
Name of the Vulnerable Software and Affected Versions: Gotenberg versions 8.31.0 and earlier. Description: A Server-Side Request Forgery (SSRF) issue exists in the LibreOffice conversion endpoint "/forms/libreoffice/convert". While some SSRF hardening is present in the Go code, the application passes...
PT-2025-32364 · Xerox · Xerox FreeFlow Core
Name of the Vulnerable Software and Affected Versions: Xerox FreeFlow Core version 8.0.4. Description: Improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, resulting in a Server-Side Request Forgery (SSRF)...
OLX: Server Version Of https://www.olx.ph/
I see a server version of your website that has the link: https://www.olx.ph/.htaccess The impact of this vulnerability: Consult Web References for more information. This is a proof. http://prnt.sc/dtsjmo -- jaypogzz...
CodeIgniter: Vulnerable JavaScript library
Hi @codeigniter, Description: You are using a vulnerable JavaScript library. One or more vulnerabilities were reported for this version of the JavaScript library. Consult Attack details and Web References for more information about the affected library and the vulnerabilities that were reported...
Open-Xchange: Directory listing
Hi @dovecot, Vulnerability description: The web server is configured to display the list of files contained in this directory. This is not recommended because the directory may contain files that are not normally exposed through links on the web site. Affected items: lists.dovecot.fi. The impact of...
Radancy: RC4 cipher suites detected
A group of researchers (Nadhem AlFardan, Dan Bernstein, Kenny Paterson, Bertram Poettering and Jacob Schuldt) has found new attacks against TLS that allow an attacker to recover a limited amount of plaintext from a TLS connection when RC4 encryption is used. The attacks arise from statistical fla...
Revive Adserver: Login page password-guessing attack
Vulnerability description not provided...
Localize: Login page password-guessing attack
Login page password-guessing attack. Vulnerability description: A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and...
IRCCloud: Login page password-guessing attack (Brute-force attack-High).
Hi, I found a brute-forcing attack on your website. A common threat web developers face is a password-guessing attack known as a brute force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols...
Simple Machines Forum 1.1.11 Session Fixation
Title: Simple Machines Forum 1.1.11 Multi Vulnerability | Author: indoushka | email: [email protected] | Home: www.sec-war.com | Web Site: http://www.simplemachines.org/ | Dork: Powered by SMF...
Apache Tomcat Directory Traversal
Vulnerability description: An input validation error can be exploited to download arbitrary files via directory traversal attacks. Successful exploitation requires that a context is configured with allowLinking="true" and that the connector is configured with URIEncoding="UTF-8". Affected version...