76 matches found
CVE-2026-44371
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...
CVE-2026-44371 Open OnDemand: Specially crafted filenames can execute JavaScript in the file browser
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...
PT-2026-40947
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...
Open OnDemand cross-site scripting vulnerability
Open OnDemand is an open-source software developed by the Ohio Supercomputer Center, designed for open-ended interactive HPC through web-based interfaces. Versions of Open OnDemand prior to 4.0.11, 4.1.5, and 4.2.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from...
CVE-2026-27117
bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability "Zip Slip" exists in bit7z's archive extraction functionality. The library does not adequately validate file paths contained in archive...
CVE-2026-27117 bit7z has a path traversal vulnerability
bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability "Zip Slip" exists in bit7z's archive extraction functionality. The library does not adequately validate file paths contained in archive...
PT-2026-21808
Name of the Vulnerable Software and Affected Versions: bit7z versions prior to 4.0.11. Description: bit7z is a cross-platform C++ static library used for archive compression and extraction. A path traversal flaw "Zip Slip" exists in the archive extraction functionality prior to version 4.0.11. The...
bit7z security vulnerability
bit7z is a file compression/uncompression tool developed by Riccardo as an individual project. Versions of bit7z prior to 4.0.11 contained security vulnerabilities; these vulnerabilities stemmed from insufficient validation of file paths during archive extraction, which could lead to arbitrary fi...
CVE-2025-63040 WordPress Post Snippets plugin <= 4.0.11 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Post Snippets allows Cross Site Request Forgery. This issue affects Post Snippets: from n/a through 4.0.11...
CVE-2025-63040 WordPress Post Snippets plugin <= 4.0.11 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Post Snippets (post-snippets) allows Cross Site Request Forgery. This issue affects Post Snippets: from n/a through <= 4.0.11...
CVE-2025-63040
CVE-2025-63040 describes a CSRF vulnerability in the WordPress plugin Post Snippets (post-snippets) that affects versions from n/a up to and including 4.0.11. The issue is attributed to Cross-Site Request Forgery in the plugin, potentially enabling unauthorized actions on behalf of an authenticat...
WordPress plugin Post Snippets cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...
CVE-2025-60729
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function...
PerfreeBlog security vulnerability
PerfreeBlog is an open-source, Java-based blog/CMS site-building platform. PerfreeBlog v4.0.11 contains a security vulnerability that stems from an arbitrary file deletion vulnerability in the unInstallTheme function...
EUVD-2025-35861
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function...
EUVD-2025-35862
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function...
EUVD-2025-35860
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function...
EUVD-2025-35886
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function...
PT-2025-43663
Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11. Description: PerfreeBlog version 4.0.11 contains a File Upload issue within the installTheme function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2025-43665
Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11. Description: The software contains a flaw that allows for arbitrary file deletion through the unInstallTheme function. Recommendations: Update to a newer version that contains a fix for this vulnerability. As a tempora...