WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PhotoMe versions = 5.6.11...

CVE-2026-20975

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path...

CVE-2026-20975

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path...

Samsung Cloud 安全漏洞

SAMSUNG Cloud is an application from the South Korean company Samsung SAMSUNG. It is used to provide a feature to save and view images. A security vulnerability exists in Samsung Cloud versions prior to 5.6.11, which stems from mishandling of insufficient permissions and could lead to accessing...

EUVD-2013-3742

Malware in sbrugna...

EUVD-2013-5606

Malware in sbrugna...

EUVD-2022-49954

Malicious code in bioql PyPI...

CVE-2024-8913

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.11 via the render function in modules/widgets/tpaccordion.php. This makes it possibl...

WordPress plugin The Plus Addons for Elementor 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-28606 · Elementor · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: Element Pack Elementor Addons versions through 5.6.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

WordPress plugin Element Pack Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-36543 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.6.11 Description: The issue is related to Stored Cross-Site Scripting via the onclick event parameter due to insufficient input sanitization and output...

WordPress plugin OWM Weather 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

SUSE CVE-2015-5590

Stack-based buffer overflow in the pharfixfilepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling...

Mageia: Security Advisory (MGASA-2015-0303)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-22427

NagiosXI 5.6.11 is affected by a remote code execution RCE vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is ...

CVE-2020-22427

NagiosXI 5.6.11 is affected by a remote code execution RCE vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is ...

PT-2021-10764 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: NagiosXI version 5.6.11 Description: The issue allows an authenticated nagiosadmin user to inject additional commands into a request, potentially leading to remote code execution. The vendor disputes the actionability of the vulnerability due...

Nagios XI 代码注入漏洞

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A remote code execution vulnerability exists in Nagios XI 5.6.11. An attacker can exploit this vulnerability to inject commands into a...

Oracle MySQL Server 5.5 <= 5.5.29 / 5.6 <= 5.6.11 Security Update (cpuapr2013) - Linux

Oracle MySQL Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql";...