-
**Topic**
Signup Page Misconfiguration Leading to File Download
**Details**
Security bug in the signup page of Cab Rental, where the signup page downloads the register.php file instead of process…
-
Support CPE for the "affected" array:
https://cveproject.github.io/cve-schema/schema/v5.0/docs/#oneOf_i0_containers_cna_affected_items_cpes
This issue is only to support syntactically correct CP…
-
Hi, sorry for reporting it here. I found a way to exfiltrate data from the user's chat because of the nature of the plugin that allows it to render most HTML tags and the default plugin RAG beha…
-
We should include support for SSVC, as discussed in #462 and during the July TC meeting.
-
**Github username:** @M0sharaff
**Twitter username:** @I_am_0xMosh
**Submission hash (on-chain):** 0xcb56fb82d3d84f08b8480c45bf9faa12ac7cffbeab438498016d4e09e89e3d8c
**Severity:** medium
**Descripti…
-
Veracode Software Composition Analysis
===============================
Attribute | Details
| --- | --- |
Library | Spring Beans
Description | Spring Beans
Language | JAVA
Vulnerability…
-
**Github username:** @emerald7017
**Twitter username:** --
**Submission hash (on-chain):** 0xd4b2987f0bc50850b16d8e87ec987ff73ea72b34671d878f8500a1fddf553d26
**Severity:** low
**Description:**
## Su…
-
Mansa11
Medium
# Zero-Amount Swap Vulnerability in WOOFi Solana Protocol
## Summary
This protocol's `swap` function allows for zero-amount swaps, potentially leading to unintended protocol behav…
-
PAN-OS Firewall is a popular firewall with more than 40K instances on the internet.
The exploit is easy to trigger; it is a simple POST request.
Due to active exploitation, I think it is better to le…
-
### Expected result
Check if Log4shell vulnerability (CVE-2021-44228) impacts Kontent Java Packages.
### Additional context
In Apache Log4j2 versions up to and including 2.14.1 (excluding sec…