PT-2026-5966

Name of the Vulnerable Software and Affected Versions ExpressTech Systems Quiz And Survey Master versions through 10.3.1 Description A flaw exists in ExpressTech Systems Quiz And Survey Master that allows for SQL Injection. The issue impacts approximately 40,000 WordPress sites globally. A...

WordPress Quiz And Survey Master plugin <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Quiz Results Deletion vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Quiz And Survey Master versions = 10.3.1...

WordPress SmartMag Theme <= 10.3.1 is vulnerable to Cross Site Scripting (XSS)

Software SmartMag Type Theme Vulnerable versions = 10.3.1 Fixed in 10.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-64204 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6a240fc7988d Credits João Pedro S Alcântara Kinorth Required...

CVE-2022-0665

Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2...

Arctera eDiscovery Platform 安全漏洞

Arctera eDiscovery Platform is a complete integrated solution from Arctera that streamlines the electronic data presentation process across EDRM. A security vulnerability exists in Arctera eDiscovery Platform versions prior to 10.3.2, which stems from command line plaintext password storage...

CVE-2024-29409

File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header...

CVE-2024-29409

File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header...

CVE-2024-29409

File Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header...

ProjeQtOr Project Management System 10.3.2 - Remote Code Execution Vulnerability

Exploit Title: ProjeQtOr Project Management System 10.3.2 -Remote Code Execution RCE Application: ProjeQtOr Project Management System Version: 10.3.2 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://www.projeqtor.org Software Link:...

SUSE CVE-2017-2539

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

GHSA-Q67F-3JQ4-MWW2 Cross-site Scripting in Pimcore

Pimcore version 10.3.2 and prior is vulnerable to stored cross-site scripting. A patch is available and anticipated to be part of version 10.3.3...

Cross-site Scripting in Pimcore

Pimcore version 10.3.2 and prior is vulnerable to stored cross-site scripting. A patch is available and anticipated to be part of version 10.3.3...

CVE-2022-0665 Path Traversal in pimcore/pimcore

Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2...

Pimcore 路径遍历漏洞

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications. pimcore versions prior to 10.3.2 contain a...

CVE-2019-17337 TIBCO Spotfire Server Library Vulnerable to Reflected Cross-Site Scripting

The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker to perform a reflected cross-site scripting XSS attack. Affected releases are TIBCO Software Inc.'...

CVE-2017-7004

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app...

Then talk about CVE-2017-7047 Triple_Fetch and iOS 10.3.2 sandbox escape-vulnerability warning-the black bar safety net

Ian Beer@google released a CVE-2017-7047TripleFetch of exp and it is1, The chenliang@keenlab also published on TripleFetch analysis2, but due to this vulnerability and exp there are a lot of highlights, so also the remaining lot can dig deep into the details. Thus, our simple analysis of...

Security research team released 8 Apple iOS security vulnerability: hackers can easily attack-vulnerability warning-the black bar safety net

According to foreign media ZDNet reports, the Israeli mobile security company Zimperium recently released 8 Apple iOS system vulnerabilities, hackers can exploit these vulnerabilities to completely control the user's iOS device, so as to obtain the device's GPS data, photos, and contact...

About the security content of iOS 10.3.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Apple iOS and Safari WebKit Memory Corruption Vulnerability (CNVD-2017-07607)

Apple iOS and Safari are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; WebKit is an open-source web browser engine developed by KDE, Apple, Google,...