64 matches found
CVE-2026-6166

creationtimestamp | type | source
---|---|---
2026-04-13 09:17:05+00:00 | seen | Telegram/bcMGQo5yfO9RORBGyfkr5CsGhdtRQYWZD2qi5kLjohdbd-Q...

CVE-2026-6166
A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipulation of the argument VEHICLEID leads to sql injection. The attack may be initiated remotely. The...
Debian: Security Advisory (DSA-6166-1)
The remote host is missing an update for the Debian...
EUVD-2007-6206
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-6166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN...
CVE-2025-6166
A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The...
CVE-2025-6166

creationtimestamp | type | source
---|---|---
2025-06-17 06:39:55+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/18567
2025-06-17 07:38:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lrryhjztya2m...

CVE-2025-6166
CVE-2025-55523 (Agent-Zero) affects Agent-Zero v0.8.* with a directory traversal flaw in the /api/download_work_dir_file.py component. The related PT-2025-34265 entry confirms versions 0.8.0–0.8.9 are affected and notes there is no information about a fixed newer version in that source. Other con...
CVE-2025-6166 frdel Agent-Zero image_get.py image_get path traversal
A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The...
CVE-2023-6166
The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
CVE-2006-6166
Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.0.4 for Joomla! comjce, without the 20060821 jcepatch, allows remote attackers to inject arbitrary web script or HTML via the mosConfiglivesite parameter...
RHEL 9 : krb5 (RHSA-2024:6166)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6166 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending...
Oracle Linux 9 : krb5 (ELSA-2024-6166)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6166 advisory. 1.21.1-2.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-2 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message tok...
CVE-2024-6166

creationtimestamp | type | source
---|---|---
2024-07-09 07:38:21+00:00 | seen | https://t.me/cvedetector/239...

CVE-2024-6166
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘addonsorder’ parameter in all versions up to, and including, 1.5.112 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-6166 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.112 - Authenticated (Contributor+) Time-Based SQL Injection
The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘addonsorder’ parameter in all versions up to, and including, 1.5.112 due to insufficient escaping on the user supplied parameter and lack of sufficient...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.112 is vulnerable to SQL Injection

Field | Value
---|---
Software | Unlimited Elements For Elementor Free Widgets, Addons, Templates
Type | Plugin
Vulnerable versions | <= 1.5.112
Fixed in | 1.5.113
OWASP Top 10 | A1: Injection
Classification | SQL Injection
CVE | CVE-2024-6166
Patch priority | Low
CVSS severity | Low 8.5
Developer | Unlimited Elements
PSID | cc8f8a24ab2c...