CVE-2026-3721

A weakness has been identified in 1024-lab/lab1024 SmartAdmin up to 3.29. The affected element is an unknown function of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/helpdoc/domain/form/HelpDocAddForm.java of the component Help Documentation Module. This manipulation causes...

CVE-2026-3721

CVE-2026-3721 reports a cross-site scripting (XSS) vulnerability in the SmartAdmin package by 1024-lab/lab1024, affecting the Help Documentation Module up to version 3.29. The issue is traced to an unspecified function within sa-base/src/main/java/net/lab1024/sa/base/module/support/helpdoc/domain...

smart-admin 代码注入漏洞

Smart-Admin is a rapid development platform developed by individual developers of 1024-lab. Versions of Smart-Admin prior to 3.29 contained a code injection vulnerability. This vulnerability stemmed from incorrect handling of the file...

PT-2026-23926

A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...

smart-admin 代码注入漏洞

Smart-Admin is a rapid development platform developed by individual developers of 1024-lab. Versions of Smart-Admin prior to 3.29 contained a code injection vulnerability. This vulnerability stemmed from incorrect operations on the file...

CVE-2025-12895

The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...

PT-2026-3002

The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kalium vc contact form request function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers t...

WordPress plugin Kalium has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2025-63065

Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media LIbrary Assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media LIbrary Assistant: from n/a through 3.29...

CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

EUVD-2019-2191

Malware in sbrugna...

WordPress Media Library Assistant Plugin <= 3.28 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Media LIbrary Assistant versions = 3.28...

Null pointer dereference

An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser...

Fortanix EnclaveOS Confidential Computing Manager Platform Security Vulnerability

Fortanix EnclaveOS Confidential Computing Manager Platform is a cloud-native service from Fortanix, Inc. that provides a complete solution for confidential computing in the cloud and in local workloads. A security vulnerability exists in Fortanix EnclaveOS Confidential Computing Manager Platform...

WordPress NextGEN Gallery Plugin < 3.29 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:imagely:nextgengallery"; if description...

PT-2023-13608 · Imagely · Imagely Wordpress Gallery Plugin - Nextgen Gallery

Name of the Vulnerable Software and Affected Versions: Imagely WordPress Gallery Plugin - NextGEN Gallery versions prior to 3.29 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which can lead to thumbnail alteration. Recommendations: For versions prior to 3.2...

CVE-2019-10155

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects...

CVE-2019-10155

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects...

CVE-2010-2932

BarCodeWiz BarCode ActiveX Control (BarcodeWiz.dll) version 3.29 and prior is affected by a buffer overflow in LoadProperties, enabling remote code execution. This vulnerability affects Windows platforms using the ActiveX control and was documented in multiple sources (Secunia advisory 40786, Exp...

BarCodeWiz BarCode 3.29 Proof Of Concept

BarCodeWiz Barcode ActiveX Control 3.29 PoC SEH Bug found: 24th July 2010 Found by: loneferret Software: http://www.barcodewiz.com/ Nods to exploit-db.com Vulnerable file BarCodeWiz.dll LoadProperties method Tested on: Windows XP Professional SP3 & Windows XP Home SP3 Internet Explorer 6 & Intern...