CVE-2026-7108 code-projects Invoice System in Laravel cross-site request forgery

A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...

Linux Distros Unpatched Vulnerability : CVE-2013-7108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticate...

MAL-2025-7108 Malicious code in @azl-react-components/svgs (npm)

The package @azl-react-components/svgs was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

CVE-2025-7108

A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file...

CVE-2025-7108

A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file...

CVE-2025-7108 risesoft-y9 Digital-Infrastructure Y9FileController.java deleteFile path traversal

A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file...

CVE-2024-7108

Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CyberMath: before CYBM.240816253...

Ubuntu 18.04 LTS : AsyncSSH vulnerabilities (USN-7108-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7108-2 advisory. USN-7108-1 fixed vulnerabilities in AysncSSH. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding...

CVE-2024-7108

creationtimestamp| type| source ---|---|--- 2024-09-26 14:39:07+00:00| seen| https://t.me/cvedetector/6408...

Malicious code in wlwz-2312-7108 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a59b45506c3694870f405e7c881ccb74f2ba12d1d186cb267ec165f926480fa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-817 Malicious code in wlwz-2312-7108 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a59b45506c3694870f405e7c881ccb74f2ba12d1d186cb267ec165f926480fa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-7108

creationtimestamp| type| source ---|---|--- 2024-01-19 09:16:32+00:00| seen| https://t.me/ctinow/170112...

CVE-2023-7108

CVE-2023-7108 describes a cross-site scripting vulnerability in code-projects’ E-Commerce Website 1.0. The issue resides in an unknown part of the file user_signup.php, where the argument firstname can be injected with a payload such as , enabling remote initiation of the attack. Affected product...

CVE-2023-7108 code-projects E-Commerce Website user_signup.php cross site scripting

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file usersignup.php. The manipulation of the argument firstname with the input leads to cross site scripting. It is possible to initiate the attack remotely. The...

Rocky Linux 8 : sqlite (RLSA-2022:7108)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7108 advisory. - In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing. CVE-2020-35525 - In SQLite 3.31.1, there is an out...

Debian: Security Advisory (DLA-60-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 8 : sqlite (ALSA-2022:7108)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7108 advisory. - In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing. CVE-2020-35525 - In SQLite 3.31.1, there is an out o...

Oracle Linux 8 : sqlite (ELSA-2022-7108)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7108 advisory. - Fixed CVE-2020-35527 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Mageia: Security Advisory (MGASA-2014-0010)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...