NPM: automagik-genie has a command injection vulnerability

NPM: automagik-genie has a command injection vulnerability discovered by ? in WordPress Npm automagik-genie versions 2.5.27...

CVE-2026-26190

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

milvus 访问控制错误漏洞

Milvus is a high-performance cloud-native vector database open source project by The Milvus Project. Versions of Milvus prior to 2.5.27 and 2.6.10 contained an access control vulnerability. This vulnerability stemmed from an authentication bypass in the default exposed TCP port 9091, which could...

PT-2026-8025

Name of the Vulnerable Software and Affected Versions Milvus versions prior to 2.5.27 Milvus versions prior to 2.6.10 Description Milvus, an open-source vector database for generative AI applications, is affected by an issue that allows authentication bypasses. The software exposes TCP port 9091 ...

CVE-2025-66386

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...

MISP 安全漏洞

MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.5.27,...

CVE-2025-66386

Vulnerability summary for CVE-2025-66386: In MISP up to version 2.5.27, the file app/Model/EventReport.php is vulnerable to a path traversal condition when a site-admin views a picture, enabling navigation outside the intended directory. Affected product: MISP (before 2.5.27). Root cause: path tr...

CVE-2024-5522

The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

WordPress HTML5 Video Player plugin < 2.5.27 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Mayank Deshmukh in WordPress Plugin Flash & HTML5 Video versions 2.5.27...

HTML5 Video Player < 2.5.27 - Unauthenticated SQLi

Description The plugin does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks % time curl "https://example.com/?restroute=/h5vp/v1/video/1&id=1'+OR+SELECT+1+FROM+SELECTSLEEP5xyz--+-"...

Wordpress wpStoreCart Plugin 2.5.27-2.5.29 Arbitrary File Upload

No description provided by source. Description : Wordpress Plugins - wpStoreCart Arbitrary File Upload Vulnerability Version : 2.5.27 - 2.5.29 Link : http://wordpress.org/extend/plugins/wpstorecart/ Plugins : http://downloads.wordpress.org/plugin/wpstorecart.2.5.29.zip Date : 03-06-2012 Google Do...

WordPress Plugin wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload

WordPress Plugin wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload Description : Wordpress Plugins - wpStoreCart Arbitrary File Upload Vulnerability Version : 2.5.27 - 2.5.29 Link : http://wordpress.org/extend/plugins/wpstorecart/ Plugins :...

WordPress wpStoreCart 2.5.29 Shell Upload

Description : Wordpress Plugins - wpStoreCart Arbitrary File Upload Vulnerability Version : 2.5.27 - 2.5.29 Link : http://wordpress.org/extend/plugins/wpstorecart/ Plugins : http://downloads.wordpress.org/plugin/wpstorecart.2.5.29.zip Date : 03-06-2012 Google Dork :...

WordPress Plugin wpStoreCart 2.5.27-2.5.29 - Arbitrary File Upload

Description : Wordpress Plugins - wpStoreCart Arbitrary File Upload Vulnerability Version : 2.5.27 - 2.5.29 Link : http://wordpress.org/extend/plugins/wpstorecart/ Plugins : http://downloads.wordpress.org/plugin/wpstorecart.2.5.29.zip Date : 03-06-2012 Google Dork :...

Wordpress Plugins - wpStoreCart Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Description : Wordpress Plugins - wpStoreCart Arbitrary File Upload Vulnerability Version : 2.5.27 - 2.5.29 Link : http://wordpress.org/extend/plugins/wpstorecart/ Plugins : http://downloads.wordpress.org/plugin/wpstorecart.2.5.29.zip Google...