CVE-2025-68007

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

CVE-2025-68007 WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Event Espresso 4 Decaf: from n/a through = 5.0.37.decaf...

WordPress plugin Event Espresso 4 Decaf has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4051

Name of the Vulnerable Software and Affected Versions Event Espresso versions through 5.0.37.decaf Description An authorization issue exists in Event Espresso 4 Decaf, allowing exploitation of incorrectly configured access control security levels. Recommendations Update Event Espresso 4 Decaf to ...

Design/Logic Flaw

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious...

CyberCMS Remote SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================== CyberCMS Remote SQL Injection Vulnerability =========================================== Exploit Title: CyberCMS Remote SQL Injection Vuln. Date: 26/11/2009 Author: hc0de | hc0de.blogspot.com Software...

MySQL < 5.0.37 Single Row Subselect Remote DoS Vulnerability

MySQL is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...

MySQL安全调用特权提升漏洞

MySQL是一款开放源代码的数据库程序。 MySQL在部分函数过程中不正确恢复访问特权，远程攻击者可以利用漏洞提升权限，进行其他攻击。 目前没有详细漏洞细节提供。 MySQL AB MySQL 5.1.17 MySQL AB MySQL 5.1.16 MySQL AB MySQL 5.1.15 MySQL AB MySQL 5.1.14 MySQL AB MySQL 5.1.13 MySQL AB MySQL 5.1.12 MySQL AB MySQL 5.1.11 MySQL AB MySQL 5.1.10 MySQL AB MySQL 5.1.9 MySQL AB MySQL 5.1...

MySQL Single Row Subselect Remote DoS

According to its banner, the version of MySQL on the remote host is older than 5.0.37. Such versions are vulnerable to a remote denial of service when processing certain single row subselect queries. A malicious user can crash the service via a specially crafted SQL query. C Tenable Network...