@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-31800 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-31800 Source advisory: OSV:GHSA-7XG7-RQF6-PW6C...

CVE-2026-31800

Parse Server (Node.js) vulerable prior to 9.5.2-alpha.12 and 8.6.25 where internal classes _GraphQLConfig and _Audience can be read, modified, or deleted via the generic /classes/_GraphQLConfig and /classes/_Audience routes without master key authentication. This bypasses the master key enforceme...

EUVD-2022-31800

Malicious code in bioql PyPI...

EUVD-2025-31800

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-31800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2025-31800

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in publitio Publitio publitio allows Path Traversal.This issue affects Publitio: from n/a through = 2.2.0...

CVE-2025-31800 WordPress Publitio plugin <= 2.2.0 - Arbitrary File Read vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in publitio Publitio publitio allows Path Traversal.This issue affects Publitio: from n/a through = 2.2.0...

CVE-2025-31800

CVE-2025-31800 is a Path Traversal vulnerability in Publitio (WordPress plugin) that allows an authenticated user to read arbitrary files via the plugin. Affected: Publitio plugin for WordPress, versions up to and including 2.1.8. Impact is described as Arbitrary File Read. The vulnerability stat...

WordPress Publitio plugin <= 2.2.0 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Publitio versions = 2.2.0...

CVE-2024-31800

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port...

CVE-2024-31800

The CVE-2024-31800 entry concerns the GNCC GC2 Indoor Security Camera 1080P. Affected component: the device’s UART Debugging Port enables an authentication bypass, allowing a physically present attacker to obtain a privileged command shell. Documented impact includes high confidentiality, integri...

CVE-2023-31800

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...

CVE-2023-31800

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...

CVE-2023-31800

CVE-2023-31800 : Chamilo LMS version 1.11.18 is affected by a Cross Site Scripting (XSS) vulnerability in the forum title parameter that could allow a local attacker to execute arbitrary code. The provided connected documents confirm the affected product/version and the vulnerable parameter but d...

CVE-2023-31800

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...

CVE-2023-31800

Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...

FreeBSD : py-impacket -- multiple path traversal vulnerabilities (b692a49c-9ae7-4958-af21-cbf8f5b819ea)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b692a49c-9ae7-4958-af21-cbf8f5b819ea advisory. - Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker...

CVE-2022-31800

CVE-2022-31800 affects Phoenix Contact classic line industrial controllers (ILC, AXC, RFC, and related PC WORX/FC variants) using ProConOS/ProConOS eCLR. The root cause is insufficient verification of data authenticity which could let an unauthenticated, remote attacker upload malicious logic and...

CVE-2021-31800

Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing...