
36 matches found

OSV
added 2026/02/06 12:0 a.m. | 2 views

OPENSUSE-SU-2026:10160-1 python311-Django-5.2.11-1.1 on GA media

These are all security issues fixed in the python311-Django-5.2.11-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.2 | EPSS 0.05295
Exploits: 2 | References: 6

CNNVD
added 2026/02/03 12:0 a.m. | 3 views

Django Security Vulnerability

Django is an open-source web framework based on the Python language, developed by the Django Foundation. The framework includes an object-oriented mapper, a view system, a template system, etc. Versions prior to Django 6.0.2, 5.2.11, and 4.2.28 have security vulnerabilities. These...

CVSS 5.4 | AI score 7.4 | EPSS 0.00011
Exploits: 1 | References: 4

OSV
added 2025/11/19 9:15 a.m. | 1 views

CVE-2025-11446

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials. This issue affects upKeeper Manager: from 5.2.0 before 5.2.12...

CVSS 6.5 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2009-3528

Malware in sbrugna...

CVSS 9.3 | AI score 6.5 | EPSS 0.04663
Exploits: 1 | References: 20

RedhatCVE
added 2025/09/05 7:31 a.m. | 4 views

CVE-2025-8663

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials. This issue affects upKeeper Manager: from 5.0.0 before 5.2.12...

CVSS 8.8 | AI score 7 | EPSS 0.00084
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/03 7:5 a.m. | 2 views

CVE-2025-8663

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper Manager allows Use of Known Domain Credentials. This issue affects upKeeper Manager: from 5.0.0 before 5.2.12...

CVSS 8.8 | AI score 6.4 | EPSS 0.00084
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/09 3:26 p.m. | 2 views

CVE-2025-47661

Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 pgall-for-woocommerce allows Cross Site Request Forgery. This issue affects 워드프레스 결제 심플페이: from n/a through <= 5.2.11...

CVSS 5.4 | AI score 7.2 | EPSS 0.00084
Exploits: 0 | References: 1

CVE
added 2025/05/07 2:20 p.m. | 40 views

CVE-2025-47661

CVE-2025-47661 describes a CSRF vulnerability in the WordPress plugin 워드프레스 결제 심플페이 (WordPress 결제 심플페이) affecting versions from n/a through 5.2.11. The connected sources confirm a CSRF issue but do not provide a concrete fix version or patch details within the supplied material. The vulnerability...

CVSS 5.4 | AI score 7.2 | EPSS 0.00084
Exploits: 0 | References: 1

Cvelist
added 2025/05/07 2:20 p.m. | 15 views

CVE-2025-47661 WordPress 워드프레스 결제 심플페이 plugin <= 5.2.11 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in codemstory 워드프레스 결제 심플페이 pgall-for-woocommerce allows Cross Site Request Forgery. This issue affects 워드프레스 결제 심플페이: from n/a through <= 5.2.11...

CVSS 5.4 | EPSS 0.00084
Exploits: 0 | References: 1

CNNVD
added 2025/05/07 12:0 a.m. | 1 views

WordPress plugin 워드프레스 결제 심플페이 Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site reques...

CVSS 5.4 | AI score 6.3 | EPSS 0.00084
Exploits: 0 | References: 1

SUSE CVE
added 2023/02/15 6:2 a.m. | 1 views

SUSE CVE-2009-3294

The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service (crash) via a crafted (1) "e" or (2) "er" string in the second argument (aka mode), possibly related t...

CVSS 5 | AI score 6.9 | EPSS 0.01892
Exploits: 2 | References: 4

CNVD
added 2022/03/16 12:0 a.m. | 12 views

WordPress Zero Spam plugin SQL injection vulnerability

WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. WordPress Zero Spam plugin is an open-source WordPress application plugin. A SQL injection vulnerability exists in versions of WordPress Zero Spam plugin prior to 5.2.11. The vulnerability stems from t...

CVSS 9.8 | AI score 2.9 | EPSS 0.00924
Exploits: 2 | References: 1

Tenable Nessus
added 2021/05/13 12:0 a.m. | 25 views

WordPress 5.7 < 5.7.2 / 5.6 < 5.6.4 / 5.5 < 5.5.5 / 5.4 < 5.4.6 / 5.3 < 5.3.8 / 5.2 < 5.2.11

WordPress versions 5.7 < 5.7.2 / 5.6 < 5.6.4 / 5.5 < 5.5.5 / 5.4 < 5.4.6 / 5.3 < 5.3.8 / 5.2 < 5.2.11 are affected by one or more vulnerabilities. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from WordPress Security Advisory...

AI score 5.4
Exploits: 0 | References: 3

CNVD
added 2016/12/19 12:0 a.m. | 2 views

IBM Tivoli Storage Productivity Center and IBM Spectrum Control Cross-Site Scripting Vulnerability

IBM Tivoli Storage Productivity Center and IBM Spectrum Control are both storage resource management software from IBM USA. A cross-site scripting vulnerability exists in IBM Tivoli Storage Productivity Center versions 5.2.0 through 5.2.7.1 and IBM Spectrum Control versions 5.2.8 through 5.2.11. ...

CVSS 5.4 | AI score 6.7 | EPSS 0.00227
Exploits: 0 | References: 1

OSV
added 2016/09/26 4:59 a.m. | 1 views

CVE-2016-5944

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...

CVSS 5.4 | AI score 5.9
Exploits: 0 | References: 3

ATTACKERKB
added 2015/11/19 8:59 p.m. | 0 views

CVE-2015-7984

Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd paramet...

CVSS 6.8 | AI score 6.3 | EPSS 0.0113
Exploits: 5 | References: 7

seebug.org
added 2014/07/01 12:0 a.m. | 24 views

PHP 5.2.11/5.3.0 - Multiple Vulnerabilities

No description provided by source. ?php / PHP 5.2.11/5.3.0 symlink openbasedir bypass by Maksymilian Arciemowicz http://securityreason.com/ cxib a.T securityreason d0t com CHUJWAMWMUZG / $fakedir=cx; $fakedep=16; $num=0; // offset of symlink.$num if!empty$GET'file' $file=$GET'file'; else...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 13 views

PHP <= 5.2.11 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 21 views

PHP "multipart/form-data" Denial of Service Exploit (Python)

No description provided by source. !/usr/bin/python -- coding: utf-8 -- Author: Eren Turkay eren .-. pardus.org.tr, 2009/11/20 http://www.pardus.org.tr/eng/ Credits: Bogdan Calin from Acunetix Description: Exploit to cause denial of service on any host that runs PHP via temporary file exhaustion...

AI score 7.1
Exploits: 0

OpenVAS
added 2012/06/21 12:0 a.m. | 42 views

PHP < 5.2.11 Multiple Vulnerabilities

PHP is prone to multiple vulnerabilities. Copyright (C) 2012 NopSec Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...

CVSS 7.5 | AI score 9.1 | EPSS 0.03611
Exploits: 2