32 matches found
acegisecurity:acegi-security-catalina (>=0.7.0 <=0.9.0), ch.qos.logback:logback-access (=${parent.version}) +40 more potentially affected by CVE-2026-43512 via tomcat:catalina (>=4.0.6 <=5.5.9)
tomcat:catalina MAVEN version =4.0.6, =0.7.0, =0.6, =3.2.10-1-SP3seam2hibernate5, =1.5, =1.0, =1.0, =1.0.0, =4.7.1, =4.7.2 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta - org.apache.geronimo.configs:dojo-tomcat =1.2-bet...
EUVD-2025-36023
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jamel.Z Tooltipy bluet-keywords-tooltip-generator allows Stored XSS. This issue affects Tooltipy: from n/a through = 5.5.9...
Two App Studio Journey Security Vulnerability
Two App Studio Journey is a cross-platform digital diary application from Two App Studio Singapore. A security vulnerability exists in Two App Studio Journey version 5.5.9, which stems from unencrypted storage of the database and could lead to the disclosure of sensitive data...
PT-2024-30461 · WordPress · Wp Data Access
Name of the Vulnerable Software and Affected Versions: WP Data Access versions through 5.5.7 Description: A Cross-Site Request Forgery CSRF issue affects the WP Data Access plugin, allowing potential attacks. Upgrade to a newer version to protect against this issue. Recommendations: For versions...
Moderate: Red Hat Security Advisory: Logging Subsystem for Red Hat OpenShift - 5.5.9 security update
An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Security Bulletin: Enterprise Content Management System Monitor is affected by vulnerability in Dojo [CVE-2021-23450]
Summary Vulnerability found in Dojo used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE CVE-2021-23450. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary...
CVE-2021-44056
An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station...
Curfew e-Pass Management System 1.0 SQL Injection Vulnerability
Curfew e-Pass Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to gh1mau. Exploit Title: Curfew e-Pass Management System 1.0 Multiple SQL Injection Vulnerabilities Exploit Author: Mucahit...
UBICOD Medivision Digital Signage 1.5.1 CSRF Add Super Admin
Summary Medivision is a service that provides everything from DID operation to development of DID Digital Information Display optimized for hospital environment and production of professional contents, through DID product installation, image, video content planning, design work, and remote contro...
squarelovin.com Cross Site Request Forgery vulnerability
Open Bug Bounty ID: OBB-1164939 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.5.9 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...
Dotclear 2.9.1 Shell Upload
Dotclear 2.9.1 Malicious File Upload Restriction Bypass + Software: https://dotclear.org/ + Author: Wiswat Aswamenakul + Affected version: only tested on 2.9.1 previous version might be affected + Platform: tested on Ubuntu 14.04, PHP 5.5.9 + Description Dotclear has a feature to upload files in...
Dotclear 2.9.1 Directory Download
Dotclear 2.9.1 Directory Download Vulnerability + Software: https://dotclear.org/ + Author: Wiswat Aswamenakul + Affected version: only tested on 2.9.1 previous version might be affected + Platform: tested on Ubuntu 14.04, PHP 5.5.9 + Description Authenticated users with media manager access...
modified eCommerce 2.0.0.0 Rev 9678 SQL Injection
Title: Blind Injection modified eCommerce 2.0.0.0 rev 9678 Date: 16.04.2016 Category: webapps Vendor Homepage: http://www.modified-shop.org/download Software Link: http://www.modified-shop.org/forum/index.php?action=downloads;sa=downfile&id=96 Version: 2.0.0.0 rev 9678 Tested on: Apache/2.4.7, PH...
Joomla HTTP Header Unauthenticated Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Joomla HTTP Header Unauthenticated Remote Code Execution', 'Description' = %q Joomla suffers from an unauthenticated remote code...
Zenario CMS 7.0.7c Remote Code Execution Vulnerability
Zenario CMS versions 7.0.7c and 7.1.0 and below suffer from a remote code execution vulnerability. Zenario CMS 7.0.7c Remote Code Execution Vulnerability Vendor: Tribal Ltd. Product web page: http://www.zenar.io Affected version: = 7.0.7c and 7.1.0 svn Summary: Zenario is a web-based content...
Zenario CMS 7.0.7c Remote Code Execution Vulnerability
Summary Zenario is a web-based content management system for sites with one or many languages. It's designed to grow with your site, adding extranet, online database and custom functionality when you need it. Description The vulnerability is caused due to the improper verification of uploaded fil...
PHP 5.5.9 - zend_executor_globals CGIMode FPM WriteProcMemFile Disable Functions Bypass Load Dynamic Library
PHP 5.5.9 - zend_executor_globals CGIMode FPM WriteProcMemFile Disable Functions Bypass Load Dynamic Library <?php // EDB Note: Paper https://www.exploit-db.com/docs/english/38104-shoot-zendexecutorglobals-to-bypass-php-disablefunctions.pdf error_reporting(0x66778899); set_time_limit(0x41424344);...
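SiteFactory CMS 5.5.9 Arbitrary File Download Vulnerability
Vulnerability details: SiteFactory CMS 5.5.9 has an arbitrary file download vulnerability. Affected link: sitefactory/assets/download.aspx?file= Test link: /sitefactory/assets/download.aspx?file=c%3a\windows\win.ini Affected version: SiteFactory CMS 5.5.9...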
SiteFactory CMS 5.5.9 Directory Traversal
+ Title: SiteFactory CMS 5.5.9 Path Traversal File + Date: 19-8-2015 + Author: Guillermo Garcia Marcos + Vendor: http://www.mindbite.se/ + Dork: inurl:/sitefactory/assets/ + Info: The file parameter is vulnerable to path traversal attacks, enabling...