
69 matches found

ATTACKERKB
added 2025/12/01 6:32 a.m. | views: 1

CVE-2025-13811

A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing a manipulation of the argument sort can lead to SQL injection. It is possible to launch the atta...

CVSS 7.2 | AI score 5.4 | EPSS 0.00024
Exploits: 1 | References: 5 | Affected Software: 1

Positive Technologies
added 2025/11/18 12:0 a.m. | views: 3

PT-2025-47245

Name of the Vulnerable Software and Affected Versions: Supermicro BMC (affected versions not specified). Description: A buffer overflow exists in the web stack of the Supermicro BMC on the MBD-X13SEDW-F model. An attacker gaining access to the BMC Web server can exploit this issue using a...

CVSS 7.2 | AI score 7.9 | EPSS 0.00056
Exploits: 0 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | views: 0

EUVD-2021-29597

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.6 | EPSS 0.00697
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2021-29604

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 9.2 | EPSS 0.00796
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2021-29603

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.4 | EPSS 0.00885
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | views: 2

EUVD-2021-29601

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.4 | EPSS 0.01465
Exploits: 1 | References: 7

RedhatCVE
added 2025/05/22 9:6 p.m. | views: 4

CVE-2021-42637

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability...

CVSS 9.8 | AI score 6.9 | EPSS 0.01465
Exploits: 1

RedhatCVE
added 2025/05/22 9:6 p.m. | views: 4

CVE-2021-42635

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APPKEY value, leading to pre-auth remote code execution...

CVSS 9.3 | AI score 7.5 | EPSS 0.23531
Exploits: 1

RedhatCVE
added 2025/05/22 9:6 p.m. | views: 4

CVE-2021-42640

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer...

CVSS 9.1 | AI score 7 | EPSS 0.00796
Exploits: 1

RedhatCVE
added 2025/05/22 9:6 p.m. | views: 2

CVE-2021-42631

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution...

CVSS 9.3 | AI score 7.5 | EPSS 0.20569
Exploits: 1

RedhatCVE
added 2025/05/22 9:5 p.m. | views: 5

CVE-2021-42641

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users...

CVSS 7.5 | AI score 6.9 | EPSS 0.00796
Exploits: 1

RedhatCVE
added 2025/05/22 9:5 p.m. | views: 1

CVE-2021-42638

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution...

CVSS 9.3 | AI score 7.6 | EPSS 0.25003
Exploits: 1

Prion
added 2023/12/30 4:15 p.m. | views: 15

Stack overflow

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup...

CVSS 7.5 | AI score 8.2 | EPSS 0.00289
Exploits: 0 | References: 2 | Affected Software: 1

Veracode
added 2023/07/18 7:16 a.m. | views: 25

Improper Neutralization Of HTTP Headers

Spring HATEOAS is vulnerable to Improper Neutralization Of HTTP Headers. The vulnerability is due to not sanitizing or stripping the "Forwarded", "X-Forwarded-Host", "X-Forwarded-Port" or "X-Forwarded-Proto" headers. This can allow an attacker to spoof these header values, thereby bypassing securi...

CVSS 5.3 | AI score 6.8 | EPSS 0.00409
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2023/07/17 11:15 a.m. | views: 11

Design/Logic Flaw

Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle and possibly discard...

CVSS 5 | AI score 5.6 | EPSS 0.00409
Exploits: 0 | References: 1 | Affected Software: 1

vulnersOsv
added 2022/05/24 4:51 p.m. | views: 2

@sysdoc/sysdoc-web-stack (=1.0.0), open-stack (>=1.1.0 <=1.2.7) potentially affected by CVE-2019-13483 via passport-sharepoint (=0.2.12)

passport-sharepoint NPM version =0.2.12 is affected by a known vulnerability. The following packages have a transitive dependency on passport-sharepoint and may be impacted: - @sysdoc/sysdoc-web-stack =1.0.0 - open-stack =1.1.0, =1.2.7 Source cves: CVE-2019-13483 Source advisory:...

CVSS 7.5 | AI score 7.1 | EPSS 0.00141
Exploits: 0

CNVD
added 2022/02/08 12:0 a.m. | views: 15

PrinterLogic Web Stack Insecure Direct Object Reference (IDOR) Vulnerability

PrinterLogic Web Stack PrinterLogic Printer Installer is a native Web application from PrinterLogic USA, Inc., enabling the IT department to manage and automate the creation/propagation of PrinterObjects and printer drivers across print environments from a single management console. PrinterLogic W...

CVSS 7.5 | AI score 2.2 | EPSS 0.00676
Exploits: 1 | References: 1

CNVD
added 2022/02/08 12:0 a.m. | views: 14

PrinterLogic Web Stack Insecure Direct Object Reference (IDOR) Vulnerability (CNVD-2022-11105)

PrinterLogic Web Stack PrinterLogic Printer Installer is a native Web application from PrinterLogic, Inc. It enables the IT department to manage and automatically create/propagate PrinterObjects and printer drivers across print environments from a single management console. PrinterLogic Web Stack...

CVSS 7.5 | AI score 1.9 | EPSS 0.00796
Exploits: 1 | References: 1

NVD
added 2022/02/02 6:15 p.m. | views: 10

CVE-2021-42639

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization...

CVSS 6.1 | EPSS 0.00885
Exploits: 1 | References: 7

OSV
added 2022/02/02 6:15 p.m. | views: 1

CVE-2021-42641

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users...

CVSS 7.5 | AI score 5.7
Exploits: 0 | References: 7