11 matches found
CVE-2023-39525
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the traversal path. Version 8.1.1 contains a patch for this issue...
WordPress Logo Carousel Slider plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) vulnerability discovered by muhammad yudha in WordPress Plugin Logo Carousel Slider versions <= 2.1.3...
CVE-2025-39525
CVE-2025-39525 — WordPress Logo Carousel Slider: Stored Cross-Site Scripting vulnerability in versions up to 2.1.3 due to improper input neutralization during web page generation. Affected software: Logo Carousel Slider
CVE-2025-39525 WordPress Logo Carousel Slider plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Logo Carousel Slider logo-carousel-slider allows Stored XSS. This issue affects Logo Carousel Slider: from n/a through <= 2.1.3...
CVE-2024-39525
creationtimestamp | type | source
---|---|---
2024-10-09 23:11:21+00:00 | seen | https://t.me/cvedetector/7533...
CVE-2023-39525
creationtimestamp | type | source
---|---|---
2023-08-08 00:13:32+00:00 | seen | https://t.me/cibsecurity/67922...
CVE-2023-39525
Summary: CVE-2023-39525 affects PrestaShop prior to version 8.1.1, where improper validation in the back office import file deletion query allows path traversal to compromise files. Root cause: path traversal vulnerability in the file deletion/import handling (no details on exact vulnerable fi...
CVE-2023-39525 PrestaShop vulnerable to path traversal
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the traversal path. Version 8.1.1 contains a patch for this issue...
CVE-2021-39525
An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed in bits.c has a heap-based buffer overflow...
CVE-2021-39525
Summary: CVE-2021-39525 affects libredwg up to v0.10.1.3751, where bit_read_fixed() in bits.c has a heap-based buffer overflow. The vulnerability is documented with CVSS v3.1 score 8.8 (HIGH) and CVSS v2.0 score 6.8 (MEDIUM) indicating network access, no authentication, and partial impact on conf...
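IBM Lotus Notes SURunAs.exe Cleartext Password Storage Vulnerability
BUGTRAQ ID: 39525 Lotus Notes is an integrated mail, calendar, instant messaging, browser and business collaboration application developed by IBM that can be used as a desktop client for Lotus Domino server applications. The SURunAs tool in Lotus Notes stores the password of the Windows account used to install Notes on the PC, and a local user can use third-party tools to view the password stored in cleartext in surunas. IBM Lotus Notes 8.5 IBM Lotus Notes 8.0 IBM Lotus Notes 7.0 Vendor patch: IBM --- The vendor advises that changing the administrative password after installation is complete fixes this vulnerability...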