CVE-2026-56012

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35...

EUVD-2026-37895

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35...

WordPress Media LIbrary Assistant plugin <= 3.35 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Media LIbrary Assistant versions = 3.35...

CVE-2026-54198

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

CVE-2026-54198

CVE-2026-54198 affects the WordPress Media Library Assistant plugin up to version 3.35. The vulnerability is an unauthenticated cross-site scripting (XSS) in the plugin (reflected XSS per CVE record) with a CVSS 3.1 base score of 7.1 (HIGH). Attack vector: Network; privileges required: NONE; user...

CVE-2026-54198 WordPress Media LIbrary Assistant plugin <= 3.35 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Media LIbrary Assistant = 3.35 versions...

WordPress Media Library Assistant plugin <= 3.35 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Media LIbrary Assistant versions = 3.35...

CVE-2024-34749

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user...

DEBIAN-CVE-2025-43971

An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen...

CVE-2024-34749

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user...

CVE-2024-34749

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user...

Phormer vulnerable to cross-site scripting

Overview Phormer contains a cross-site scripting vulnerability CWE-79. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on t...

JVN#61054671: Phormer vulnerable to cross-site scripting

Phormer contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user. Solution Update the Software Update the software to the latest version according to the information provided by the developer. Phormer version 3.35 was released...

PT-2024-28030 · WordPress · Click To Chat – Holithemes

Name of the Vulnerable Software and Affected Versions: Click to Chat – HoliThemes plugin for WordPress versions up to, and including, 3.35 Description: The issue allows authenticated attackers with contributor access or above to include and execute arbitrary files on the server. This enables the...

WordPress Click to Chat plugin <= 3.35 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by haidv35 from Viettel Cyber Security in WordPress Plugin Click to Chat versions = 3.35...

Sourcegraph 安全漏洞

Sourcegraph is an open source code search and navigation tool from US-based Sourcegraph. A security vulnerability exists in Sourcegraph versions 3.35 and 3.36, which stems from the reintroduction of a previously fixed side-channel vulnerability in the code monitoring feature, in which strings in...

Solaris 10 (x86) : 119214-38

NSSNSPRJSS 3.35x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2. Date this patch was last updated by Sun : May/16/18 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid109884; scriptversion"1.6";...

Debian Security Advisory DSA 501-1 (exim)

The remote host is missing an update to exim announced via advisory DSA 501-1. OpenVAS Vulnerability Test $Id: deb5011.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 501-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Exim Sender 3.35 - Verification Remote Stack Buffer Overrun

// source: https://www.securityfocus.com/bid/10290/info Exim has been reported prone to a remotely exploitable stack-based buffer overrun vulnerability. This is exposed if sender verification has been enabled in the agent and may be triggered by a malicious e-mail. Exploitation may permit executi...

Exim Sender 3.35 - Verification Remote Stack Buffer Overrun

Exim Sender 3.35 - Verification Remote Stack Buffer Overrun // source: https://www.securityfocus.com/bid/10290/info Exim has been reported prone to a remotely exploitable stack-based buffer overrun vulnerability. This is exposed if sender verification has been enabled in the agent and may be...