com.festo.aas:p4m-helpers (>=1.0.0 <=1.0.4), de.dfki.cos.basys.aas.registry:aas-registry-compatibility (=0.4.2) +12 more potentially affected by CVE-2026-7411 via org.eclipse.basyx:basyx.sdk (>=1.0.1 <=1.5.1)

org.eclipse.basyx:basyx.sdk MAVEN version =1.0.1, =1.0.0, =0.4.2, =0.5.0, =0.5.0, =0.5.0, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.5.1 Source cves: CVE-2026-7411 Source advisory: OSV:GHSA-8GPM-H2MH-36QC...

org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend-inmemory (=2.0.0-milestone-01), org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend-mongodb (=2.0.0-milestone-01) +7 more potentially affected by CVE-2026-7411 via org.eclipse.digitaltwin.basyx:basyx.submodelservice-core (=2.0.0-milestone-01)

org.eclipse.digitaltwin.basyx:basyx.submodelservice-core MAVEN version =2.0.0-milestone-01 is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.digitaltwin.basyx:basyx.submodelservice-core and may be impacted: -...

org.eclipse.digitaltwin.basyx:basyx.submodelrepository.component (=2.0.0-milestone-01) potentially affected by CVE-2026-7411 via org.eclipse.digitaltwin.basyx:basyx.submodelrepository-http (=2.0.0-milestone-01)

org.eclipse.digitaltwin.basyx:basyx.submodelrepository-http MAVEN version =2.0.0-milestone-01 is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.digitaltwin.basyx:basyx.submodelrepository-http and may be impacted: -...

org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend-inmemory (=2.0.0-milestone-01), org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend-mongodb (=2.0.0-milestone-01) +3 more potentially affected by CVE-2026-7411 via org.eclipse.digitaltwin.basyx:basyx.submodelrepository-core (=2.0.0-milestone-01)

org.eclipse.digitaltwin.basyx:basyx.submodelrepository-core MAVEN version =2.0.0-milestone-01 is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.digitaltwin.basyx:basyx.submodelrepository-core and may be impacted: -...

org.eclipse.digitaltwin.basyx:basyx.submodelservice.component (=2.0.0-milestone-01) potentially affected by CVE-2026-7411 via org.eclipse.digitaltwin.basyx:basyx.submodelservice-http (=2.0.0-milestone-01)

org.eclipse.digitaltwin.basyx:basyx.submodelservice-http MAVEN version =2.0.0-milestone-01 is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.digitaltwin.basyx:basyx.submodelservice-http and may be impacted: -...

CVE-2026-7411

creationtimestamp| type| source ---|---|--- 2026-05-05 16:31:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4mefctky2k 2026-05-05 18:43:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4tqy34lp2t 2026-05-06 08:13:41+00:00| seen|...

CVE-2025-7411 code-projects LifeStyle Store success.php sql injection

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /success.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-7411

CVE-2025-7411 affects code-projects LifeStyle Store 1.0. The vulnerability is an SQL injection in the /success.php file caused by manipulating the ID parameter, exploitable remotely, with the exploit publicly disclosed. Connected sources (PT-2025-29148) recommend sanitizing the ID argument and, a...

CVE-2025-7411 code-projects LifeStyle Store success.php sql injection

A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /success.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has...

Linux Distros Unpatched Vulnerability : CVE-2016-7411

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext/standard/varunserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service memo...

CVE-2024-7411

creationtimestamp| type| source ---|---|--- 2024-08-15 10:57:13+00:00| seen| https://t.me/cvedetector/3231...

CVE-2024-7411 Newsletters <= 4.9.9 - Unauthenticated Full Path Disclosure

The Newsletters plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 4.9.9. This is due the plugin not preventing direct access to the /vendor/mobiledetect/mobiledetectlib/export/exportToJSON.php. This makes it possible for unauthenticated attackers to...

Slackware: Security Advisory (SSA:2016-267-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0319)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2477-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2459-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2477-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-7411

CVE-2019-7411 affects the WordPress plugin MyThemeShop Launcher (version 1.0.8) with multiple stored XSS vectors. The vulnerability arises in several input fields (Title, Favicon, Meta Description, Subscribe Form labels, Contact Form labels, and Social Links URLs), allowing remote authenticated u...

Security Bulletin: IBM Tivoli Monitoring Privileges Escalation through Authorization Bypass (CVE-2015-7411)

Summary IBM Tivoli Monitoring ITM portal client could allow an authenticated user to increase their authority and be able to run commands they were not intended to have authority to run as administrator. This can include running commands on remote systems managed by IBM Tivoli Monitoring...

Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tulea...