EUVD-2025-26985

Malicious code in bioql PyPI...

CVE-2025-58792

Cross-Site Request Forgery CSRF vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through = 2.0.6.2...

CVE-2025-58792

Cross-Site Request Forgery CSRF vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through = 2.0.6.2...

WordPress plugin Authors List 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2024-5542

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigation Menu widget of the plugin's Mega Menu extension in all versions up to, and including, 2.0.6.1 due to insufficient inpu...

CVE-2024-5382

The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ma-template' REST API route in all versions up to, and including, 2.0.6.1. This makes it...

Fiyo CMS Cross-Site Scripting Vulnerability (CNVD-2021-45303)

Fiyo CMS is a content management system and software that allows users to add and/or manipulate change website content. A cross-site scripting vulnerability exists in the tag parameter in Fiyo CMS version 2.0.6.1. An attacker can exploit this vulnerability to add html/JavaScript to html code...

CVE-2020-35373

In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated XSS attack...

Fiyo CMS 跨站脚本漏洞

Fiyo CMS is a content management system and software that allows users to add and/or manipulate change website content. A cross-site scripting vulnerability exists in the tag parameter in Fiyo CMS version 2.0.6.1. An attacker can exploit this vulnerability to add html/JavaScript to html code...

Fiyo CMS Elevation of Privilege Vulnerability

Fiyo CMS is a content management system CMS for creating CMS templates. An elevation of privilege vulnerability exists in Fiyo CMS version 2.0.6.1. An attacker can exploit this vulnerability to gain elevated privileges...

FIYO CMS elevation of privilege vulnerability (CNVD-2017-04336)

Fiyo CMS is a content management system CMS for creating CMS templates. An elevation of privilege vulnerability exists in FIYO CMS version 2.0.6.1. An attacker can exploit the vulnerability to gain privileges by modifying parameters...

CVE-2017-6823

CVE-2017-6823 affects Fiyo CMS 2.0.6.1. A remote authenticated user can gain privileges by manipulating the level parameter in dapur/ (app=user&act=edit), abusing the system’s user-group handling to escalate access. Exploit references exist (Exploit-DB, PRION). No patch details are provided in th...

Fiyo CMS 2.0.6.1 - Privilege Escalation

Fiyo CMS 2.0.6.1 - Privilege Escalation Exploit Title: Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter Google Dork: no Date: 11-03-2017 Exploit Author: @runggareksya, @dvnrcy Vendor Homepage: http://www.fiyo.org Software Link:...

Fiyo CMS Cross-Site Scripting Vulnerability

Fiyo CMS is a content management system CMS for creating CMS templates. A cross-site scripting vulnerability exists in Fiyo CMS version 2.0.6.1, which can be exploited by an attacker to inject arbitrary web script or HTML...

TERASOLUNA Server Framework for Java (WEB) Information Disclosure Vulnerability

TERASOLUNA Server Framework for Java WEB is a set of frameworks based on the Java language for creating Web applications WEB version. A security vulnerability exists in TERASOLUNA Server Framework for Java WEB versions 2.0.0.1 through 2.0.6.1. A remote attacker can exploit the vulnerability to...

Cisco RVS4000/WRVS4400N/WAP4410N设备测试接口远程特权提升漏洞

BUGTRAQ ID：64776 CVE ID：CVE-2014-0659 Cisco RVS4000/WRVS4400N/WAP4410N是思科公司发行的无线路由器和无线AP。 Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router和Cisco RVS4000 4-port Gigabit Security Router产品存在安全漏洞，允许未验证远程攻击者获得对设备的root级的访问。 漏洞是由于受影响设备在TCP...