29 matches found
CVE-2025-68034
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection. This issue affects CleverReach® WP: from n/a through <= 1.5.21...
CVE-2025-68034 WordPress CleverReach® WP plugin <= 1.5.21 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection. This issue affects CleverReach® WP: from n/a through <= 1.5.21...
CVE-2025-68034
CVE-2025-68034 affects the CleverReach® WP WordPress plugin up to version 1.5.22. The root cause is Improper Neutralization of Special Elements in SQL Commands, enabling SQL Injection. Impact is high confidentiality risk (CVE notes HIGH) with potential data exposure/modification; exploitation is ...
WordPress plugin CleverReach has a SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-4066
Name of the Vulnerable Software and Affected Versions: CleverReach® WP versions through 1.5.22 Description: A flaw exists in CleverReach® WP that allows for SQL Injection. This issue is due to improper neutralization of special elements used in an SQL command. The vulnerability could potentially...
WordPress CleverReach® WP plugin <= 1.5.21 - SQL Injection vulnerability
SQL Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin CleverReach® WP versions <= 1.5.21...
EUVD-2023-49924
Malicious code in bioql PyPI...
CVE-2023-48320
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebDorado SpiderVPlayer allows Stored XSS. This issue affects SpiderVPlayer: from n/a through 1.5.22...
PT-2025-1927 · WordPress · The Picture Gallery – Frontend Image Uploads
Name of the Vulnerable Software and Affected Versions: The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress versions up to, and including, 1.5.22 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escapi...
WordPress Picture Gallery plugin <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Picture Gallery versions <= 1.5.22...
TP-LINK IoT Smart Hub security vulnerability
TP-LINK IoT Smart Hub is a series of smart hubs from China's Universal Link TP-LINK. A security vulnerability exists in TP-LINK IoT Smart Hub versions prior to 1.5.22. It originates from storing Wi-Fi credentials in plaintext within the device's firmware, which allows an attacker to extract th...
matio: Multiple Vulnerabilities
Background: matio is a library for reading and writing MATLAB files. Description: Multiple vulnerabilities have been discovered in matio. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details. Workaround: There is no known...
CVE-2024-0301
A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...
Sql injection
A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...
PT-2024-15453 · Fhs Opensource · Iparking
Name of the Vulnerable Software and Affected Versions: fhs-opensource iparking version 1.5.22.RELEASE Description: A critical issue has been found in the processing of the file /vueLogin, which leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the...
PT-2023-30781 · Webdorado · Web Dorado Spider Video Player
Name of the Vulnerable Software and Affected Versions: WebDorado SpiderVPlayer versions 1.5.22 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting (XSS). This means that an attacker can inject...
WordPress Video Player Plugin <= 1.5.22 is vulnerable to Cross Site Scripting (XSS)
Software: Video Player; Type: Plugin; Vulnerable versions: <= 1.5.22; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-48320; Patch priority: Low; CVSS severity: Low (5.9); PSID: 90d3d469b500; Credits: SeungYongLee; Required privilege...