EUVD-2025-204114

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Riode | Multi-Purpose WooCommerce riode allows PHP Local File Inclusion.This issue affects Riode | Multi-Purpose WooCommerce: from n/a through = 1.6.23...

CVE-2025-60071 WordPress Riode | Multi-Purpose WooCommerce theme <= 1.6.23 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Riode riode allows PHP Local File Inclusion.This issue affects Riode: from n/a through = 1.6.23...

PT-2025-52132

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in don-themes Riode | Multi-Purpose WooCommerce riode allows PHP Local File Inclusion.This issue affects Riode | Multi-Purpose WooCommerce: from n/a through = 1.6.23...

CVE-2025-59944

Cursor IDE versions 1.6.23 and earlier are affected by a vulnerability in how sensitive files are protected (notably /.cursor/mcp.json). The issue arises from case-sensitive checks that can be bypassed, allowing an attacker to modify sensitive files via prompt injection and achieve remote code ex...

Cursor 安全漏洞

Cursor is an AI code editor from Cursor Open Source. A security vulnerability exists in Cursor 1.6.23 and earlier versions, which stems from insufficient case-sensitive checking and could lead to remote code execution...

Linux Distros Unpatched Vulnerability : CVE-2018-16948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before...

Linux Distros Unpatched Vulnerability : CVE-2018-16949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array type...

WordPress Riode | Multi-Purpose WooCommerce theme <= 1.6.23 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Riode | Multi-Purpose WooCommerce versions = 1.6.23...

WordPress weForms plugin <= 1.6.23 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin weForms versions = 1.6.23...

WordPress weForms Plugin <= 1.6.23 is vulnerable to Backdoor

Software weForms Type Plugin Vulnerable versions = 1.6.23 Fixed in 1.6.24 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 83328c8ce30e Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

Grav Input Validation Error Vulnerability

Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. An input validation error vulnerability exists in the Common/Grav.php file in Grav versions prior to 1.6.23. The vulnerability stems from a web-based syst...

OpenAFS CVE-2019-18601 Denial of Service Vulnerability

Description OpenAFS is prone to a denial-of-service vulnerability. A remote attacker may exploit this issue to cause a denial-of-service condition; denying service to legitimate users. OpenAFS 1.0 through 1.6.23 and 1.8.0 through 1.8.4 are vulnerable. Technologies Affected OpenAFS Openafs 1.0.0...

UBUNTU-CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values...

subversion: Remote DoS due improper handling of early-closing TCP connections

The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service exit by aborting a connection...

DEBIAN-CVE-2013-1968

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service FSFS repository corruption via a newline character in a file name...

Memory corruption

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service FSFS repository corruption via a newline character in a file name...

CVE-2013-1968

Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service FSFS repository corruption via a newline character in a file name...

Apache Subversion < 1.6.23 / 1.7.x < 1.7.10 Multiple Vulnerabilities

Binary data 6854.prm...