Search Results (5125 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-42914 2 Arrowjs, Trquoccuong 2 Arrowcms, Arrow Cms 2025-04-21 9.1 Critical
A host header injection vulnerability exists in the forgot password functionality of ArrowCMS version 1.0.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords.
CVE-2022-46265 1 Siemens 1 Polarion Alm 2025-04-21 5.4 Medium
A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites.
CVE-2017-17527 2 Debian, Pasdoc Project 2 Debian Linux, Pasdoc 2025-04-20 N/A
delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code referencing the BROWSER environment variable is never used
CVE-2015-5227 1 Inboundnow 1 Wordpress Landing Pages 2025-04-20 N/A
The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary code via the url parameter.
CVE-2017-5246 1 Biscom 1 Secure File Transfer 2025-04-20 N/A
Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be evaluated by any other authenticated user who views the attacker's display name. Affected versions are 5.0.0000 through 5.1.1026. The Issue is fixed in 5.1.1028.
CVE-2016-8720 1 Moxa 2 Awk-3131a, Awk-3131a Firmware 2025-04-20 4.3 Medium
An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the HTTP response.
CVE-2017-17511 2 Debian, Kildclient 2 Debian Linux, Kildclient 2025-04-20 N/A
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.
CVE-2017-17512 1 Sensible-utils Project 1 Sensible-utils 2025-04-20 N/A
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.
CVE-2017-1000052 1 Plug Project 1 Plug 2025-04-20 7.8 High
Elixir Plug before v1.0.4, v1.1.7, v1.2.3 and v1.3.2 is vulnerable to null byte injection in the Plug.Static component, which may allow users to bypass filetype restrictions.
CVE-2017-17529 1 Abisource 1 Abiword 2025-04-20 N/A
af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2017-7459 1 Ntop 1 Ntopng 2025-04-20 N/A
ntopng before 3.0 allows HTTP Response Splitting.
CVE-2015-2180 1 Roundcube 1 Webmail 2025-04-20 N/A
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password.
CVE-2017-17530 1 Geomview 1 Geomview 2025-04-20 8.8 High
common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: this is disputed by a third party because no untrusted input can be used for the injection
CVE-2017-17532 1 Kiwi Project 1 Kiwi 2025-04-20 N/A
examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2017-17533 1 Tkabber Project 1 Tkabber 2025-04-20 N/A
default.tcl in Tkabber 1.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the attack cannot occur because of the argument-parsing behavior of the Tcl exec function
CVE-2017-17517 1 Sylpheed Project 1 Sylpheed 2025-04-20 N/A
libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2017-17534 1 Mensis Project 1 Mensis 2025-04-20 N/A
uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521.
CVE-2017-17535 1 Gjots2 Project 1 Gjots2 2025-04-20 N/A
lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2016-1155 1 Google 1 Android 2025-04-20 N/A
HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.
CVE-2017-17519 1 Ocaml Batteries Project 1 Ocaml Batteries 2025-04-20 N/A
batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.