43 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-22096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the...
CVE-2021-26939
An information disclosure issue exists in henriquedornas 5.2.17 because an attacker can dump phpMyAdmin SQL content. NOTE: third parties report that this is a site-specific problem...
CVE-2025-24667 WordPress Small Package Quotes Plugin <= 5.2.17 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows SQL Injection. This issue affects Small Package Quotes – Worldwide Express Edition: from n/...
CVE-2025-24667
CVE-2025-24667 is a SQL Injection in WordPress Small Package Quotes – Worldwide Express Edition (affected up to version 5.2.17). The CVE entry specifies improper neutralization of SQL commands in Small Package Quotes – Worldwide Express Edition, with an impact described as Confidentiality High an...
CVE-2024-32369
SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component...
PT-2024-24539 · Hsc Cybersecurity · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Cybersecurity HC Mailinspector versions 5.2.17-3 through 5.2.18 Description: An issue in HSC Cybersecurity HC Mailinspector allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the...
CVE-2024-34470
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read...
HSC Cybersecurity HC Mailinspector Path Traversal Vulnerability
HSC Cybersecurity HC Mailinspector is a cloud email security solution from HSC Cybersecurity. A path traversal vulnerability exists in HSC Cybersecurity HC Mailinspector versions 5.2.17-3 through v.5.2.18, which stems from an unauthenticated path traversal vulnerability in /public/loader.php, whe...
PT-2024-25923 · Hsc · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Mailinspector versions 5.2.17-3 through 5.2.18 Description: An authenticated blind SQL injection issue exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to "/mailinspector/mliRealtimeEmails.php" does not...
PT-2024-25921 · Unknown · Hc Mailinspector
Name of the Vulnerable Software and Affected Versions: HSC Mailinspector versions 5.2.17-3 through 5.2.18 Description: An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part ...
springframework: malicious input leads to insertion of additional log entries
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...
UBUNTU-CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...
CVE-2021-26938
A stored XSS issue exists in henriquedornas 5.2.17 via online live chat. NOTE: Third parties report that no such product exists. That henriquedornas is the web design agency and 5.2.17 is simply the PHP version running on this hosts...
Cross site scripting
DISPUTED A stored XSS issue exists in henriquedornas 5.2.17 via online live chat. NOTE: Third parties report that no such product exists. That henriquedornas is the web design agency and 5.2.17 is simply the PHP version running on this hosts...
CVE-2021-26939
CVE-2021-26939 affects henriquedornas 5.2.17 and is described in connected sources as an information-disclosure issue that allows an attacker to dump phpMyAdmin SQL content. The SUSE entry and PT-Security note this as a site-specific problem. PT-Security provides a mitigation suggestion: restrict...
CVE-2021-26938
The CVE-2021-26938 entry corresponds to a stored XSS vulnerability in Henriquedornas (web framework) via the online live chat, affecting version 5.2.17. CNVD describes the root cause as lack of proper validation of client-side data by the web application, enabling execution of client-side code. P...