CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

EUVD-2021-24800

Malware in sbrugna...

EUVD-2022-35899

Malicious code in bioql PyPI...

CVE-2025-43252

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks...

CVE-2022-32833

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-44192 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-54467...

Contao: Unencoded insert tags in the frontend

Impact It is possible to inject insert tags via the form generator if the submitted form data is output on the page in a specific way. Patches Update to Contao 4.13.40 or 5.3.4. Workarounds Do not output the submitted form data on the website. References...

CVE-2023-42844

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks...

GHSA-8WWW-CFFH-4Q98 Anyone with a share link can RESET all website data in Umami

Summary Anyone with a share link permissions to view can reset the website data. Details When a user navigates to a /share/ URL, he receives a share token which is used for authentication. This token is later verified by useAuth. After the token is verified, the user can call most of the GET APIs...

Anyone with a share link can RESET all website data in Umami

Summary Anyone with a share link permissions to view can reset the website data. Details When a user navigates to a /share/ URL, he receives a share token which is used for authentication. This token is later verified by useAuth. After the token is verified, the user can call most of the GET APIs...

SUSE CVE-2020-29623

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete...

CVE-2022-32833

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history...

CVE-2022-32833

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history...

Code injection

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history...

CVE-2022-32833

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history...

CVE-2022-32833

CVE-2022-32833 describes an issue with the file paths used to store website data on Apple iOS. The root cause is an insecure handling of website data paths, which could allow an unauthenticated user to access browsing history. The vulnerability is mitigated by Apple’s fix in iOS 16. Connected sou...

Apple iOS 安全漏洞

Apple iOS is an operating system developed by Apple Inc. for mobile devices. A security vulnerability exists in Apple iOS versions prior to 16, which stems from a problem with the path to a file used to store website data, and can be exploited by an attacker to access browsing history. The...

PT-2022-21508 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16 Description: An issue existed with the file paths used to store website data, potentially allowing an unauthorized user to access browsing history. The issue was resolved by improving how website data is stored and by...

CVE-2022-27885

Maccms v10 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters...

Maccms 跨站脚本漏洞

Maccms is a PHP-based film and television content management system CMS. v10 version of Maccms is vulnerable to a cross-site scripting vulnerability, which originates from the lack of user-supplied data and output data validation filtering in the select and input parameters in...