Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/01 11:41 p.m.12 views

Improper Neutralization of Special Elements in Data Query Logic

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the searchCustomPages process. An attacker can access unintended content by submitti...

6.9CVSS6AI score0.00336EPSS
Exploits1References2
CVE
CVE
added 2025/10/21 5:24 p.m.15 views

CVE-2025-11757

CVE-2025-11757 affects CloudEdge Cloud (MQTT topic input) where input is not sanitized, enabling an attacker to leverage MQTT wildcards to subscribe and receive messages intended for other users, potentially exposing credentials and key information to connect to cameras in peer-to-peer fashion. A...

8.7CVSS6.2AI score0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/21 5:24 p.m.18 views

CVE-2025-11757 Improper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and App

The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key...

8.7CVSS0.00296EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/13 5:7 p.m.6 views

keycloak: reflected XSS via wildcard in OIDC redirect_uri

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting XSS or further attacks. This flaw is the result of an incomple...

5.4CVSS5.5AI score0.00912EPSS
Exploits1References4
Rows per page
Query Builder