WordPress Google Plus One Bottom plugin <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by swat in WordPress Plugin Google Plus One Bottom versions = 0.0.2...

Malicious code in @rivianlabs/bedrock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d12061e491ebc9109496b77ffd62384bba9a781ac9f0579343a61c5742df351 The package @rivianlabs/bedrock was found to contain malicious code. Source: ossf-package-analysis...

CloudFoundry CF Deployment 和CloudFoundry Routing release 安全漏洞

CloudFoundry CF Deployment and CloudFoundry Routing are both products of the CloudFoundry Foundation. CloudFoundry CF Deployment is a code deployment component. CloudFoundry Routing release is a collection of application routing components. Both CloudFoundry CF Deployment and CloudFoundry Routing...

@christianhugo/mobile-builder (>=0.7.3-beta.3 <=0.7.4-beta.9), @christianhugoch/cli (>=0.7.2-beta.12 <=0.7.2-beta.13) +95 more potentially affected by unknown CVE via @saltcorn/data (>=0.0.2 <=1.4.3)

@saltcorn/data NPM version =0.0.2, =0.7.3-beta.3, =0.7.2-beta.12, =0.1.0, =0.0.1, =1.0.0, =0.1.4, =0.6.4, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.0.2, =1.4.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9237-RG5P-RHFW...

CVE-2024-53412

CVE-2024-53412 describes a command injection in the i/o of NietThijmen ShoppingCart 0.0.2, specifically in the connect function where user-supplied input in the Port field enables arbitrary shell commands and potential remote code execution. The public documentation identifies the vulnerability a...

Shopping Cart 安全漏洞

Shopping Cart is a SSH host connection management tool developed by Thijmen’s individual developer. Version 0.0.2 of Shopping Cart contains a security vulnerability, which stems from command injection in the connect function. This vulnerability could potentially allow for the execution of arbitra...

PT-2026-33062

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

CVE-2025-30204 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26. A patched version of the package is available...

CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26. A patched version of the package is available...

Datapizza AI 代码问题漏洞

Datapizza AI is an open-source development framework for intelligent agents by Datapizza. Version 0.0.2 of Datapizza AI contains code vulnerabilities. These vulnerabilities stem from incorrect operations on the function RedisCache in the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.p...

initCoders Free Photo & Video Vault 路径遍历漏洞

initCoders Free Photo & Video Vault is an album application developed by the Indian company initCoders. Version 0.0.2 of initCoders Free Photo & Video Vault has a path traversal vulnerability, which stems from a directory traversal vulnerability, potentially allowing access to sensitive system...

CVE-2025-65512

A Server-Side Request Forgery SSRF vulnerability was discovered in the webpage-to-markdown conversion feature of markdownify-mcp v0.0.2 and before. This vulnerability allows an attacker to bypass private IP restrictions through hostname-based bypass and HTTP redirect chains, enabling access to...

EUVD-2025-202592

Cross Site Scripting vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to obtain sensitive information via the login.php component...

CVE-2025-56430

Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...

FearlessCMS 安全漏洞

FearlessCMS is a flat file content management system from the individual developers at Fearless Geek Media. A security vulnerability exists in FearlessCMS version v.0.0.2-15, which stems from a directory traversal vulnerability in the plugin-handler.php and filegetcontents functions, which could...

FearlessCMS 安全漏洞

FearlessCMS is a flat file content management system from the individual developers at Fearless Geek Media. A security vulnerability exists in FearlessCMS version v.0.0.2-15, which stems from a cross-site scripting vulnerability in the login.php component that could lead to the disclosure of...

CVE-2025-56429

Cross Site Scripting vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to obtain sensitive information via the login.php component...

FearlessCMS 安全漏洞

FearlessCMS is a flat file content management system from the individual developers at Fearless Geek Media. A security vulnerability exists in FearlessCMS version v.0.0.2-15, which stems from a directory traversal vulnerability in the plugin-handler.php and deleteDirectory functions, which could...

CVE-2025-56430

CVE-2025-56430 : A directory traversal vulnerability affects FearlessCMS v0.0.2-15, allowing a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function. The root cause is a directory traversal issue in the referenced code path. Exploitation details ...

CVE-2025-56430

Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...