curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

MainWP: Reflected XSS in “Create Category” Functionality of Post Creation Module

A reflected Cross-Site Scripting (XSS) vulnerability was identified in the "Create Category" feature of the post creation functionality. When a user entered a malicious JavaScript pa ...

Continue Reading

August 12, 2025

curl: arbitrary file read via `file://` path traversal with `–path-as-is`

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks ...

Continue Reading

August 12, 2025

MainWP: Reflected XSS in “Cost Tracker” Notes Field

The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...

Continue Reading

August 12, 2025

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Node.js: Windows Device Names Still Allow Path Traversal in UNC Paths After CVE-2025-27210 Fix

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Disclosure of email addresses

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,509 32,510 32,511 32,512 32,513 385,998

Back to Main
Subscribe for the latest news: