CVE-2026-5774 Juju API Server Denial of Service and Authentication Replay via Unsynchronized Token Map

Improper synchronization of the userTokens map in the API server in Canonical Juju 4.0.5, 3.6.20, and 2.9.56 may allow an authenticated user to possibly cause a denial of service on the server or possibly reuse a single-use discharge token...

CVE-2025-69047

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech MaxShop swmaxshop allows PHP Local File Inclusion.This issue affects MaxShop: from n/a through = 3.6.20...

WordPress plugin MaxShop has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4135

Name of the Vulnerable Software and Affected Versions magentech MaxShop versions through 3.6.20 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

MiracleLinux 4 : sqlite-3.6.20-1.el6_7.2 (AXSA:2015-444:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-444:01 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The A...

CVE-2023-53983

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2023-53983 Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2023-53983 Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

WordPress MaxShop theme <= 3.6.20 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme MaxShop versions = 3.6.20...

CVE-2025-59575

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

EUVD-2025-35433

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59575 WordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

WordPress plugin MasterStudy LMS 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin MasterStudy LMS, which...

WordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Bibek Dhakal in WordPress Plugin MasterStudy LMS versions = 3.6.20...

EUVD-2025-30466

Malicious code in bioql PyPI...

EUVD-2025-8810

Malicious code in bioql PyPI...

CVE-2025-59576

Missing Authorization vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59577

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Leveraging Race Conditions.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59576

Missing Authorization vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59576

Public details for CVE-2025-59576 are not provided in the connected documents. The initial document mentions a Missing Authorization issue in MasterStudy LMS